Merge "Remove IKeystoreMaintenance#getState()" into main
diff --git a/diced/OWNERS b/diced/OWNERS
deleted file mode 100644
index 387cd93..0000000
--- a/diced/OWNERS
+++ /dev/null
@@ -1,3 +0,0 @@
-alanstokes@google.com
-aliceywang@google.com
-ascull@google.com
diff --git a/diced/TEST_MAPPING b/diced/TEST_MAPPING
deleted file mode 100644
index 7628d25..0000000
--- a/diced/TEST_MAPPING
+++ /dev/null
@@ -1,24 +0,0 @@
-{
- "presubmit": [
- {
- "name": "libdiced_open_dice.integration_test"
- },
- {
- "name": "libdiced_open_dice_nostd.integration_test"
- },
- {
- "name": "libopen_dice_cbor_bindgen_test"
- },
- {
- "name": "libopen_dice_android_bindgen_test"
- },
- {
- "name": "libdiced_sample_inputs.integration_test"
- }
- ],
- "postsubmit": [
- {
- "name": "libdiced_sample_inputs_nostd.integration_test"
- }
- ]
-}
diff --git a/diced/open_dice/Android.bp b/diced/open_dice/Android.bp
deleted file mode 100644
index 745b86e..0000000
--- a/diced/open_dice/Android.bp
+++ /dev/null
@@ -1,260 +0,0 @@
-package {
- default_visibility: [":__subpackages__"],
- default_applicable_licenses: ["Android-Apache-2.0"],
-}
-
-rust_defaults {
- name: "libdiced_open_dice_defaults",
- crate_name: "diced_open_dice",
- srcs: ["src/lib.rs"],
-}
-
-rust_library_rlib {
- name: "libdiced_open_dice_nostd",
- defaults: ["libdiced_open_dice_defaults"],
- rustlibs: [
- "libopen_dice_android_bindgen_nostd",
- "libopen_dice_cbor_bindgen_nostd",
- "libzeroize_nostd",
- ],
- features: [
- "alloc",
- ],
- whole_static_libs: [
- "libopen_dice_cbor",
- "libcrypto_baremetal",
- ],
- visibility: [
- "//packages/modules/Virtualization:__subpackages__",
- "//system/security/diced/sample_inputs",
- ],
-}
-
-rust_library {
- name: "libdiced_open_dice",
- defaults: ["libdiced_open_dice_defaults"],
- vendor_available: true,
- rustlibs: [
- "libopen_dice_android_bindgen",
- "libopen_dice_cbor_bindgen",
- "libzeroize",
- ],
- features: [
- "alloc",
- "std",
- ],
- shared_libs: [
- "libcrypto",
- ],
- static_libs: [
- "libopen_dice_cbor",
- ],
- whole_static_libs: [
- "libopen_dice_android",
- ],
- visibility: [
- "//system/security/diced:__subpackages__",
- "//packages/modules/Virtualization:__subpackages__",
- "//hardware/interfaces/security/dice/aidl:__subpackages__",
- ],
- apex_available: [
- "//apex_available:platform",
- "com.android.virt",
- ],
-}
-
-rust_defaults {
- name: "libdiced_open_dice_test_defaults",
- crate_name: "diced_open_dice_test",
- srcs: ["tests/*.rs"],
- test_suites: ["general-tests"],
-}
-
-rust_test {
- name: "libdiced_open_dice.integration_test",
- defaults: ["libdiced_open_dice_test_defaults"],
- rustlibs: [
- "libdiced_open_dice",
- ],
-}
-
-rust_test {
- name: "libdiced_open_dice_nostd.integration_test",
- defaults: ["libdiced_open_dice_test_defaults"],
- rustlibs: [
- "libdiced_open_dice_nostd",
- ],
-}
-
-rust_defaults {
- name: "libopen_dice_bindgen_nostd.rust_defaults",
- bindgen_flags: [
- "--use-core",
- "--ctypes-prefix=core::ffi",
- "--raw-line=#![no_std]",
- ],
- no_stdlibs: true,
- prefer_rlib: true,
- stdlibs: [
- "libcore.rust_sysroot",
- "libcompiler_builtins.rust_sysroot",
- ],
- target: {
- musl: {
- enabled: false,
- },
- glibc: {
- enabled: false,
- },
- darwin: {
- enabled: false,
- },
- },
-}
-
-rust_defaults {
- name: "libopen_dice.rust_defaults",
- host_supported: true,
- vendor_available: true,
- apex_available: [
- "//apex_available:platform",
- "com.android.compos",
- "com.android.virt",
- ],
-}
-
-rust_defaults {
- name: "libopen_dice_cbor_bindgen.rust_defaults",
- wrapper_src: "bindgen/dice.h",
- crate_name: "open_dice_cbor_bindgen",
- source_stem: "bindings",
- bindgen_flags: [
- "--rustified-enum DiceConfigType",
- "--rustified-enum DiceMode",
- "--rustified-enum DiceResult",
-
- // By generating only essential functions, we can make bindings concise and
- // optimize compilation time.
- "--allowlist-function=DiceDeriveCdiPrivateKeySeed",
- "--allowlist-function=DiceDeriveCdiCertificateId",
- "--allowlist-function=DiceMainFlow",
- "--allowlist-function=DiceHash",
- "--allowlist-function=DiceKdf",
- "--allowlist-function=DiceKeypairFromSeed",
- "--allowlist-function=DiceSign",
- "--allowlist-function=DiceVerify",
- "--allowlist-function=DiceGenerateCertificate",
-
- // We also need some constants in addition to the functions.
- "--allowlist-var=DICE_CDI_SIZE",
- "--allowlist-var=DICE_HASH_SIZE",
- "--allowlist-var=DICE_HIDDEN_SIZE",
- "--allowlist-var=DICE_INLINE_CONFIG_SIZE",
- "--allowlist-var=DICE_PRIVATE_KEY_SEED_SIZE",
- "--allowlist-var=DICE_ID_SIZE",
- "--allowlist-var=DICE_PUBLIC_KEY_SIZE",
- "--allowlist-var=DICE_PRIVATE_KEY_SIZE",
- "--allowlist-var=DICE_SIGNATURE_SIZE",
- ],
-}
-
-rust_bindgen {
- name: "libopen_dice_cbor_bindgen",
- defaults: [
- "libopen_dice.rust_defaults",
- "libopen_dice_cbor_bindgen.rust_defaults",
- ],
- whole_static_libs: ["libopen_dice_cbor"],
-}
-
-rust_bindgen {
- name: "libopen_dice_cbor_bindgen_nostd",
- defaults: [
- "libopen_dice_cbor_bindgen.rust_defaults",
- "libopen_dice_bindgen_nostd.rust_defaults",
- ],
- whole_static_libs: ["libopen_dice_cbor_baremetal"],
-}
-
-rust_defaults {
- name: "libopen_dice_android_bindgen.rust_defaults",
- wrapper_src: "bindgen/android.h",
- crate_name: "open_dice_android_bindgen",
- source_stem: "bindings",
- bindgen_flags: [
- // By generating only essential functions, we can make bindings concise and
- // optimize compilation time.
- "--allowlist-function=DiceAndroidFormatConfigDescriptor",
- "--allowlist-function=DiceAndroidMainFlow",
- "--allowlist-function=DiceAndroidHandoverMainFlow",
- "--allowlist-function=DiceAndroidHandoverParse",
-
- // We also need some constants in addition to the functions.
- "--allowlist-var=DICE_ANDROID_CONFIG_.*",
-
- // Prevent DiceInputValues from being generated a second time and
- // import it instead from open_dice_cbor_bindgen.
- "--blocklist-type=DiceInputValues_",
- "--blocklist-type=DiceInputValues",
- "--raw-line",
- "pub use open_dice_cbor_bindgen::DiceInputValues;",
-
- // Prevent DiceResult from being generated a second time and
- // import it instead from open_dice_cbor_bindgen.
- "--blocklist-type=DiceResult",
- "--raw-line",
- "pub use open_dice_cbor_bindgen::DiceResult;",
- ],
-
-}
-
-rust_bindgen {
- name: "libopen_dice_android_bindgen",
- defaults: [
- "libopen_dice.rust_defaults",
- "libopen_dice_android_bindgen.rust_defaults",
- ],
- rustlibs: [
- "libopen_dice_cbor_bindgen",
- ],
- whole_static_libs: ["libopen_dice_android"],
-}
-
-rust_bindgen {
- name: "libopen_dice_android_bindgen_nostd",
- defaults: [
- "libopen_dice_android_bindgen.rust_defaults",
- "libopen_dice_bindgen_nostd.rust_defaults",
- ],
- rustlibs: [
- "libopen_dice_cbor_bindgen_nostd",
- ],
- whole_static_libs: ["libopen_dice_android_baremetal"],
-}
-
-rust_test {
- name: "libopen_dice_cbor_bindgen_test",
- srcs: [
- ":libopen_dice_cbor_bindgen",
- ],
- crate_name: "open_dice_cbor_bindgen_test",
- test_suites: ["general-tests"],
- auto_gen_config: true,
- clippy_lints: "none",
- lints: "none",
-}
-
-rust_test {
- name: "libopen_dice_android_bindgen_test",
- srcs: [
- ":libopen_dice_android_bindgen",
- ],
- crate_name: "open_dice_android_bindgen_test",
- rustlibs: [
- "libopen_dice_cbor_bindgen",
- ],
- test_suites: ["general-tests"],
- auto_gen_config: true,
- clippy_lints: "none",
- lints: "none",
-}
diff --git a/diced/open_dice/bindgen/android.h b/diced/open_dice/bindgen/android.h
deleted file mode 100644
index 18f6476..0000000
--- a/diced/open_dice/bindgen/android.h
+++ /dev/null
@@ -1,17 +0,0 @@
-// Copyright 2021 Google LLC
-//
-// Licensed under the Apache License, Version 2.0 (the "License"); you may not
-// use this file except in compliance with the License. You may obtain a copy of
-// the License at
-//
-// https://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-// License for the specific language governing permissions and limitations under
-// the License.
-
-#pragma once
-
-#include <dice/android.h>
diff --git a/diced/open_dice/bindgen/dice.h b/diced/open_dice/bindgen/dice.h
deleted file mode 100644
index 47fe911..0000000
--- a/diced/open_dice/bindgen/dice.h
+++ /dev/null
@@ -1,18 +0,0 @@
-// Copyright 2021 Google LLC
-//
-// Licensed under the Apache License, Version 2.0 (the "License"); you may not
-// use this file except in compliance with the License. You may obtain a copy of
-// the License at
-//
-// https://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-// License for the specific language governing permissions and limitations under
-// the License.
-
-#pragma once
-
-#include <dice/dice.h>
-#include <dice/ops.h>
diff --git a/diced/open_dice/src/bcc.rs b/diced/open_dice/src/bcc.rs
deleted file mode 100644
index 199e1a9..0000000
--- a/diced/open_dice/src/bcc.rs
+++ /dev/null
@@ -1,223 +0,0 @@
-// Copyright 2023, The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-//! This module mirrors the content in open-dice/include/dice/android.h
-
-use crate::dice::{Cdi, CdiValues, DiceArtifacts, InputValues, CDI_SIZE};
-use crate::error::{check_result, DiceError, Result};
-use open_dice_android_bindgen::{
- DiceAndroidConfigValues, DiceAndroidFormatConfigDescriptor, DiceAndroidHandoverMainFlow,
- DiceAndroidHandoverParse, DiceAndroidMainFlow, DICE_ANDROID_CONFIG_COMPONENT_NAME,
- DICE_ANDROID_CONFIG_COMPONENT_VERSION, DICE_ANDROID_CONFIG_RESETTABLE,
- DICE_ANDROID_CONFIG_SECURITY_VERSION,
-};
-use std::{ffi::CStr, ptr};
-
-/// Contains the input values used to construct the Android Profile for DICE
-/// configuration descriptor.
-#[derive(Default, Debug)]
-pub struct DiceConfigValues<'a> {
- /// Name of the component.
- pub component_name: Option<&'a CStr>,
- /// Version of the component.
- pub component_version: Option<u64>,
- /// Whether the key changes on factory reset.
- pub resettable: bool,
- /// Monotonically increasing version of the component.
- pub security_version: Option<u64>,
-}
-
-/// Formats a configuration descriptor following the Android Profile for DICE specification.
-/// See https://pigweed.googlesource.com/open-dice/+/refs/heads/main/docs/android.md.
-pub fn bcc_format_config_descriptor(values: &DiceConfigValues, buffer: &mut [u8]) -> Result<usize> {
- let mut configs = 0;
-
- let component_name = values.component_name.map_or(ptr::null(), |name| {
- configs |= DICE_ANDROID_CONFIG_COMPONENT_NAME;
- name.as_ptr()
- });
- let component_version = values.component_version.map_or(0, |version| {
- configs |= DICE_ANDROID_CONFIG_COMPONENT_VERSION;
- version
- });
- if values.resettable {
- configs |= DICE_ANDROID_CONFIG_RESETTABLE;
- }
- let security_version = values.security_version.map_or(0, |version| {
- configs |= DICE_ANDROID_CONFIG_SECURITY_VERSION;
- version
- });
-
- let values =
- DiceAndroidConfigValues { configs, component_name, component_version, security_version };
-
- let mut buffer_size = 0;
- check_result(
- // SAFETY: The function writes to the buffer, within the given bounds, and only reads the
- // input values. It writes its result to buffer_size.
- unsafe {
- DiceAndroidFormatConfigDescriptor(
- &values,
- buffer.len(),
- buffer.as_mut_ptr(),
- &mut buffer_size,
- )
- },
- buffer_size,
- )?;
- Ok(buffer_size)
-}
-
-/// Executes the main Android DICE flow.
-///
-/// Given a full set of input values along with the current DICE chain and CDI values,
-/// computes the next CDI values and matching updated DICE chain.
-pub fn bcc_main_flow(
- current_cdi_attest: &Cdi,
- current_cdi_seal: &Cdi,
- current_chain: &[u8],
- input_values: &InputValues,
- next_cdi_values: &mut CdiValues,
- next_chain: &mut [u8],
-) -> Result<usize> {
- let mut next_chain_size = 0;
- check_result(
- // SAFETY: `DiceAndroidMainFlow` only reads the `current_chain` and CDI values and writes
- // to `next_chain` and next CDI values within its bounds. It also reads `input_values` as a
- // constant input and doesn't store any pointer.
- // The first argument can be null and is not used in the current implementation.
- unsafe {
- DiceAndroidMainFlow(
- ptr::null_mut(), // context
- current_cdi_attest.as_ptr(),
- current_cdi_seal.as_ptr(),
- current_chain.as_ptr(),
- current_chain.len(),
- input_values.as_ptr(),
- next_chain.len(),
- next_chain.as_mut_ptr(),
- &mut next_chain_size,
- next_cdi_values.cdi_attest.as_mut_ptr(),
- next_cdi_values.cdi_seal.as_mut_ptr(),
- )
- },
- next_chain_size,
- )?;
- Ok(next_chain_size)
-}
-
-/// Executes the main Android DICE handover flow.
-///
-/// A handover combines the DICE chain and CDIs in a single CBOR object.
-/// This function takes the current boot stage's handover bundle and produces a
-/// bundle for the next stage.
-pub fn bcc_handover_main_flow(
- current_handover: &[u8],
- input_values: &InputValues,
- next_handover: &mut [u8],
-) -> Result<usize> {
- let mut next_handover_size = 0;
- check_result(
- // SAFETY: The function only reads `current_handover` and writes to `next_handover`
- // within its bounds,
- // It also reads `input_values` as a constant input and doesn't store any pointer.
- // The first argument can be null and is not used in the current implementation.
- unsafe {
- DiceAndroidHandoverMainFlow(
- ptr::null_mut(), // context
- current_handover.as_ptr(),
- current_handover.len(),
- input_values.as_ptr(),
- next_handover.len(),
- next_handover.as_mut_ptr(),
- &mut next_handover_size,
- )
- },
- next_handover_size,
- )?;
-
- Ok(next_handover_size)
-}
-
-/// An Android DICE handover object combines the DICE chain and CDIs in a single CBOR object.
-/// This struct is used as return of the function `android_dice_handover_parse`, its lifetime is
-/// tied to the lifetime of the raw handover slice.
-#[derive(Debug)]
-pub struct BccHandover<'a> {
- /// Attestation CDI.
- cdi_attest: &'a [u8; CDI_SIZE],
- /// Sealing CDI.
- cdi_seal: &'a [u8; CDI_SIZE],
- /// DICE chain.
- bcc: Option<&'a [u8]>,
-}
-
-impl<'a> DiceArtifacts for BccHandover<'a> {
- fn cdi_attest(&self) -> &[u8; CDI_SIZE] {
- self.cdi_attest
- }
-
- fn cdi_seal(&self) -> &[u8; CDI_SIZE] {
- self.cdi_seal
- }
-
- fn bcc(&self) -> Option<&[u8]> {
- self.bcc
- }
-}
-
-/// This function parses the `handover` to extracts the DICE chain and CDIs.
-/// The lifetime of the returned `DiceAndroidHandover` is tied to the given `handover` slice.
-pub fn bcc_handover_parse(handover: &[u8]) -> Result<BccHandover> {
- let mut cdi_attest: *const u8 = ptr::null();
- let mut cdi_seal: *const u8 = ptr::null();
- let mut chain: *const u8 = ptr::null();
- let mut chain_size = 0;
- check_result(
- // SAFETY: The `handover` is only read and never stored and the returned pointers should
- // all point within the address range of the `handover` or be NULL.
- unsafe {
- DiceAndroidHandoverParse(
- handover.as_ptr(),
- handover.len(),
- &mut cdi_attest,
- &mut cdi_seal,
- &mut chain,
- &mut chain_size,
- )
- },
- chain_size,
- )?;
- let cdi_attest = sub_slice(handover, cdi_attest, CDI_SIZE)?;
- let cdi_seal = sub_slice(handover, cdi_seal, CDI_SIZE)?;
- let bcc = sub_slice(handover, chain, chain_size).ok();
- Ok(BccHandover {
- cdi_attest: cdi_attest.try_into().map_err(|_| DiceError::PlatformError)?,
- cdi_seal: cdi_seal.try_into().map_err(|_| DiceError::PlatformError)?,
- bcc,
- })
-}
-
-/// Gets a slice the `addr` points to and of length `len`.
-/// The slice should be contained in the buffer.
-fn sub_slice(buffer: &[u8], addr: *const u8, len: usize) -> Result<&[u8]> {
- if addr.is_null() || !buffer.as_ptr_range().contains(&addr) {
- return Err(DiceError::PlatformError);
- }
- // SAFETY: This is safe because addr is not null and is within the range of the buffer.
- let start: usize = unsafe {
- addr.offset_from(buffer.as_ptr()).try_into().map_err(|_| DiceError::PlatformError)?
- };
- start.checked_add(len).and_then(|end| buffer.get(start..end)).ok_or(DiceError::PlatformError)
-}
diff --git a/diced/open_dice/src/dice.rs b/diced/open_dice/src/dice.rs
deleted file mode 100644
index e42e373..0000000
--- a/diced/open_dice/src/dice.rs
+++ /dev/null
@@ -1,287 +0,0 @@
-// Copyright 2023, The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-//! Structs and functions about the types used in DICE.
-//! This module mirrors the content in open-dice/include/dice/dice.h
-
-use crate::error::{check_result, Result};
-pub use open_dice_cbor_bindgen::DiceMode;
-use open_dice_cbor_bindgen::{
- DiceConfigType, DiceDeriveCdiCertificateId, DiceDeriveCdiPrivateKeySeed, DiceInputValues,
- DiceMainFlow, DICE_CDI_SIZE, DICE_HASH_SIZE, DICE_HIDDEN_SIZE, DICE_ID_SIZE,
- DICE_INLINE_CONFIG_SIZE, DICE_PRIVATE_KEY_SEED_SIZE, DICE_PRIVATE_KEY_SIZE,
- DICE_PUBLIC_KEY_SIZE, DICE_SIGNATURE_SIZE,
-};
-use std::{marker::PhantomData, ptr};
-use zeroize::{Zeroize, ZeroizeOnDrop};
-
-/// The size of a DICE hash.
-pub const HASH_SIZE: usize = DICE_HASH_SIZE as usize;
-/// The size of the DICE hidden value.
-pub const HIDDEN_SIZE: usize = DICE_HIDDEN_SIZE as usize;
-/// The size of a DICE inline config.
-const INLINE_CONFIG_SIZE: usize = DICE_INLINE_CONFIG_SIZE as usize;
-/// The size of a CDI.
-pub const CDI_SIZE: usize = DICE_CDI_SIZE as usize;
-/// The size of a private key seed.
-pub const PRIVATE_KEY_SEED_SIZE: usize = DICE_PRIVATE_KEY_SEED_SIZE as usize;
-/// The size of a private key.
-pub const PRIVATE_KEY_SIZE: usize = DICE_PRIVATE_KEY_SIZE as usize;
-/// The size of a public key.
-pub const PUBLIC_KEY_SIZE: usize = DICE_PUBLIC_KEY_SIZE as usize;
-/// The size of a signature.
-pub const SIGNATURE_SIZE: usize = DICE_SIGNATURE_SIZE as usize;
-/// The size of an ID.
-pub const ID_SIZE: usize = DICE_ID_SIZE as usize;
-
-/// Array type of hashes used by DICE.
-pub type Hash = [u8; HASH_SIZE];
-/// Array type of additional input.
-pub type Hidden = [u8; HIDDEN_SIZE];
-/// Array type of inline configuration values.
-pub type InlineConfig = [u8; INLINE_CONFIG_SIZE];
-/// Array type of CDIs.
-pub type Cdi = [u8; CDI_SIZE];
-/// Array type of the public key.
-pub type PublicKey = [u8; PUBLIC_KEY_SIZE];
-/// Array type of the signature.
-pub type Signature = [u8; SIGNATURE_SIZE];
-/// Array type of DICE ID.
-pub type DiceId = [u8; ID_SIZE];
-
-/// A trait for types that represent Dice artifacts, which include:
-///
-/// - Attestation CDI
-/// - Sealing CDI
-/// - Boot Certificate Chain
-///
-/// Types that implement this trait provide an access these artifacts.
-pub trait DiceArtifacts {
- /// Returns a reference to the attestation CDI.
- fn cdi_attest(&self) -> &[u8; CDI_SIZE];
-
- /// Returns a reference to the sealing CDI.
- fn cdi_seal(&self) -> &[u8; CDI_SIZE];
-
- /// Returns a reference to the Boot Certificate Chain, if present.
- fn bcc(&self) -> Option<&[u8]>;
-}
-
-/// TODO(b/268587826): Clean up the memory cache after zeroing out the memory
-/// for sensitive data like CDI values and private key.
-/// CDI Values.
-#[derive(Debug, Zeroize, ZeroizeOnDrop, Default)]
-pub struct CdiValues {
- /// Attestation CDI.
- pub cdi_attest: [u8; CDI_SIZE],
- /// Sealing CDI.
- pub cdi_seal: [u8; CDI_SIZE],
-}
-
-/// Private key seed. The data is zeroed out when the struct is dropped.
-#[derive(Zeroize, ZeroizeOnDrop, Default)]
-pub struct PrivateKeySeed([u8; PRIVATE_KEY_SEED_SIZE]);
-
-impl PrivateKeySeed {
- /// Returns an array reference of the private key seed.
- pub fn as_array(&self) -> &[u8; PRIVATE_KEY_SEED_SIZE] {
- &self.0
- }
-
- /// Returns a mutable pointer to the slice buffer of the private key seed.
- pub fn as_mut_ptr(&mut self) -> *mut u8 {
- self.0.as_mut_ptr()
- }
-}
-
-/// Private key. The data is zeroed out when the struct is dropped.
-#[derive(Zeroize, ZeroizeOnDrop)]
-pub struct PrivateKey([u8; PRIVATE_KEY_SIZE]);
-
-impl Default for PrivateKey {
- /// Creates a new `PrivateKey` instance with all bytes set to 0.
- ///
- /// Since the size of the private key array is too large to be initialized
- /// with a default value, this implementation sets all the bytes in the array
- /// to 0 using the `[0u8; PRIVATE_KEY_SIZE]` syntax.
- fn default() -> Self {
- Self([0u8; PRIVATE_KEY_SIZE])
- }
-}
-
-impl PrivateKey {
- /// Returns an array reference of the private key.
- pub fn as_array(&self) -> &[u8; PRIVATE_KEY_SIZE] {
- &self.0
- }
-
- /// Returns a mutable pointer to the slice buffer of the private key.
- pub fn as_mut_ptr(&mut self) -> *mut u8 {
- self.0.as_mut_ptr()
- }
-}
-
-/// Configuration descriptor for DICE input values.
-#[derive(Debug, Clone, PartialEq, Eq)]
-pub enum Config<'a> {
- /// Reference to an inline descriptor.
- Inline(&'a InlineConfig),
- /// Reference to a free form descriptor that will be hashed by the implementation.
- Descriptor(&'a [u8]),
-}
-
-impl Config<'_> {
- fn dice_config_type(&self) -> DiceConfigType {
- match self {
- Self::Inline(_) => DiceConfigType::kDiceConfigTypeInline,
- Self::Descriptor(_) => DiceConfigType::kDiceConfigTypeDescriptor,
- }
- }
-
- fn inline_config(&self) -> InlineConfig {
- match self {
- Self::Inline(inline) => **inline,
- Self::Descriptor(_) => [0u8; INLINE_CONFIG_SIZE],
- }
- }
-
- fn descriptor_ptr(&self) -> *const u8 {
- match self {
- Self::Descriptor(descriptor) => descriptor.as_ptr(),
- _ => ptr::null(),
- }
- }
-
- fn descriptor_size(&self) -> usize {
- match self {
- Self::Descriptor(descriptor) => descriptor.len(),
- _ => 0,
- }
- }
-}
-
-/// Wrap of `DiceInputValues`.
-#[derive(Clone, Debug)]
-pub struct InputValues<'a> {
- dice_inputs: DiceInputValues,
- // DiceInputValues contains a pointer to the separate config descriptor, which must therefore
- // outlive it. Make sure the borrow checker can enforce that.
- config_descriptor: PhantomData<&'a [u8]>,
-}
-
-impl<'a> InputValues<'a> {
- /// Creates a new `InputValues`.
- pub fn new(
- code_hash: Hash,
- config: Config<'a>,
- authority_hash: Hash,
- mode: DiceMode,
- hidden: Hidden,
- ) -> Self {
- Self {
- dice_inputs: DiceInputValues {
- code_hash,
- code_descriptor: ptr::null(),
- code_descriptor_size: 0,
- config_type: config.dice_config_type(),
- config_value: config.inline_config(),
- config_descriptor: config.descriptor_ptr(),
- config_descriptor_size: config.descriptor_size(),
- authority_hash,
- authority_descriptor: ptr::null(),
- authority_descriptor_size: 0,
- mode,
- hidden,
- },
- config_descriptor: PhantomData,
- }
- }
-
- /// Returns a raw pointer to the wrapped `DiceInputValues`.
- pub fn as_ptr(&self) -> *const DiceInputValues {
- &self.dice_inputs as *const DiceInputValues
- }
-}
-
-/// Derives a CDI private key seed from a `cdi_attest` value.
-pub fn derive_cdi_private_key_seed(cdi_attest: &Cdi) -> Result<PrivateKeySeed> {
- let mut seed = PrivateKeySeed::default();
- check_result(
- // SAFETY: The function writes to the buffer within the given bounds, and only reads the
- // input values. The first argument context is not used in this function.
- unsafe {
- DiceDeriveCdiPrivateKeySeed(
- ptr::null_mut(), // context
- cdi_attest.as_ptr(),
- seed.as_mut_ptr(),
- )
- },
- seed.0.len(),
- )?;
- Ok(seed)
-}
-
-/// Derives an ID from the given `cdi_public_key` value.
-pub fn derive_cdi_certificate_id(cdi_public_key: &[u8]) -> Result<DiceId> {
- let mut id = [0u8; ID_SIZE];
- check_result(
- // SAFETY: The function writes to the buffer within the given bounds, and only reads the
- // input values. The first argument context is not used in this function.
- unsafe {
- DiceDeriveCdiCertificateId(
- ptr::null_mut(), // context
- cdi_public_key.as_ptr(),
- cdi_public_key.len(),
- id.as_mut_ptr(),
- )
- },
- id.len(),
- )?;
- Ok(id)
-}
-
-/// Executes the main DICE flow.
-///
-/// Given a full set of input values and the current CDI values, computes the
-/// next CDI values and a matching certificate.
-/// Returns the actual size of the next CDI certificate.
-pub fn dice_main_flow(
- current_cdi_attest: &Cdi,
- current_cdi_seal: &Cdi,
- input_values: &InputValues,
- next_cdi_certificate: &mut [u8],
- next_cdi_values: &mut CdiValues,
-) -> Result<usize> {
- let mut next_cdi_certificate_actual_size = 0;
- check_result(
- // SAFETY: The function only reads the current CDI values and inputs and writes
- // to `next_cdi_certificate` and next CDI values within its bounds.
- // The first argument can be null and is not used in the current implementation.
- unsafe {
- DiceMainFlow(
- ptr::null_mut(), // context
- current_cdi_attest.as_ptr(),
- current_cdi_seal.as_ptr(),
- input_values.as_ptr(),
- next_cdi_certificate.len(),
- next_cdi_certificate.as_mut_ptr(),
- &mut next_cdi_certificate_actual_size,
- next_cdi_values.cdi_attest.as_mut_ptr(),
- next_cdi_values.cdi_seal.as_mut_ptr(),
- )
- },
- next_cdi_certificate_actual_size,
- )?;
- Ok(next_cdi_certificate_actual_size)
-}
diff --git a/diced/open_dice/src/error.rs b/diced/open_dice/src/error.rs
deleted file mode 100644
index 53ffd2d..0000000
--- a/diced/open_dice/src/error.rs
+++ /dev/null
@@ -1,63 +0,0 @@
-// Copyright 2023, The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-//! Errors and relating functions thrown in this library.
-
-use open_dice_cbor_bindgen::DiceResult;
-use std::{fmt, result};
-
-#[cfg(feature = "std")]
-use std::error::Error;
-
-/// Error type used by DICE.
-#[derive(Debug)]
-pub enum DiceError {
- /// Provided input was invalid.
- InvalidInput,
- /// Provided buffer was too small.
- BufferTooSmall(usize),
- /// Platform error.
- PlatformError,
-}
-
-/// This makes `DiceError` accepted by anyhow.
-#[cfg(feature = "std")]
-impl Error for DiceError {}
-
-impl fmt::Display for DiceError {
- fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
- match self {
- Self::InvalidInput => write!(f, "invalid input"),
- Self::BufferTooSmall(buffer_required_size) => {
- write!(f, "buffer too small. Required {buffer_required_size} bytes.")
- }
- Self::PlatformError => write!(f, "platform error"),
- }
- }
-}
-
-/// DICE result type.
-pub type Result<T> = result::Result<T, DiceError>;
-
-/// Checks the given `DiceResult`. Returns an error if it's not OK.
-pub(crate) fn check_result(result: DiceResult, buffer_required_size: usize) -> Result<()> {
- match result {
- DiceResult::kDiceResultOk => Ok(()),
- DiceResult::kDiceResultInvalidInput => Err(DiceError::InvalidInput),
- DiceResult::kDiceResultBufferTooSmall => {
- Err(DiceError::BufferTooSmall(buffer_required_size))
- }
- DiceResult::kDiceResultPlatformError => Err(DiceError::PlatformError),
- }
-}
diff --git a/diced/open_dice/src/lib.rs b/diced/open_dice/src/lib.rs
deleted file mode 100644
index 83ae07f..0000000
--- a/diced/open_dice/src/lib.rs
+++ /dev/null
@@ -1,48 +0,0 @@
-// Copyright 2023, The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-//! Implements safe wrappers around the public API of libopen-dice for
-//! both std and nostd usages.
-
-#![cfg_attr(not(feature = "std"), no_std)]
-
-#[cfg(feature = "alloc")]
-extern crate alloc;
-
-#[cfg(not(feature = "std"))]
-extern crate core as std;
-
-mod bcc;
-mod dice;
-mod error;
-mod ops;
-#[cfg(feature = "alloc")]
-mod retry;
-
-pub use bcc::{
- bcc_format_config_descriptor, bcc_handover_main_flow, bcc_handover_parse, bcc_main_flow,
- BccHandover, DiceConfigValues,
-};
-pub use dice::{
- derive_cdi_certificate_id, derive_cdi_private_key_seed, dice_main_flow, Cdi, CdiValues, Config,
- DiceArtifacts, DiceMode, Hash, Hidden, InlineConfig, InputValues, PrivateKey, PrivateKeySeed,
- PublicKey, Signature, CDI_SIZE, HASH_SIZE, HIDDEN_SIZE, ID_SIZE, PRIVATE_KEY_SEED_SIZE,
-};
-pub use error::{DiceError, Result};
-pub use ops::{generate_certificate, hash, kdf, keypair_from_seed, sign, verify};
-#[cfg(feature = "alloc")]
-pub use retry::{
- retry_bcc_format_config_descriptor, retry_bcc_main_flow, retry_dice_main_flow,
- retry_generate_certificate, OwnedDiceArtifacts,
-};
diff --git a/diced/open_dice/src/ops.rs b/diced/open_dice/src/ops.rs
deleted file mode 100644
index 6b9202a..0000000
--- a/diced/open_dice/src/ops.rs
+++ /dev/null
@@ -1,162 +0,0 @@
-// Copyright 2023, The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-//! This module mirrors the content in open-dice/include/dice/ops.h
-//! It contains the set of functions that implement various operations that the
-//! main DICE functions depend on.
-
-use crate::dice::{
- Hash, InputValues, PrivateKey, PublicKey, Signature, HASH_SIZE, PRIVATE_KEY_SEED_SIZE,
- PRIVATE_KEY_SIZE, PUBLIC_KEY_SIZE, SIGNATURE_SIZE,
-};
-use crate::error::{check_result, Result};
-use open_dice_cbor_bindgen::{
- DiceGenerateCertificate, DiceHash, DiceKdf, DiceKeypairFromSeed, DiceSign, DiceVerify,
-};
-use std::ptr;
-
-/// Hashes the provided input using DICE's hash function `DiceHash`.
-pub fn hash(input: &[u8]) -> Result<Hash> {
- let mut output: Hash = [0; HASH_SIZE];
- check_result(
- // SAFETY: DiceHash takes a sized input buffer and writes to a constant-sized output buffer.
- // The first argument context is not used in this function.
- unsafe {
- DiceHash(
- ptr::null_mut(), // context
- input.as_ptr(),
- input.len(),
- output.as_mut_ptr(),
- )
- },
- output.len(),
- )?;
- Ok(output)
-}
-
-/// An implementation of HKDF-SHA512. Derives a key of `derived_key.len()` bytes from `ikm`, `salt`,
-/// and `info`. The derived key is written to the `derived_key`.
-pub fn kdf(ikm: &[u8], salt: &[u8], info: &[u8], derived_key: &mut [u8]) -> Result<()> {
- check_result(
- // SAFETY: The function writes to the `derived_key`, within the given bounds, and only reads
- // the input values. The first argument context is not used in this function.
- unsafe {
- DiceKdf(
- ptr::null_mut(), // context
- derived_key.len(),
- ikm.as_ptr(),
- ikm.len(),
- salt.as_ptr(),
- salt.len(),
- info.as_ptr(),
- info.len(),
- derived_key.as_mut_ptr(),
- )
- },
- derived_key.len(),
- )
-}
-
-/// Deterministically generates a public and private key pair from `seed`.
-/// Since this is deterministic, `seed` is as sensitive as a private key and can
-/// be used directly as the private key.
-pub fn keypair_from_seed(seed: &[u8; PRIVATE_KEY_SEED_SIZE]) -> Result<(PublicKey, PrivateKey)> {
- let mut public_key = [0u8; PUBLIC_KEY_SIZE];
- let mut private_key = PrivateKey::default();
- check_result(
- // SAFETY: The function writes to the `public_key` and `private_key` within the given
- // bounds, and only reads the `seed`. The first argument context is not used in this
- // function.
- unsafe {
- DiceKeypairFromSeed(
- ptr::null_mut(), // context
- seed.as_ptr(),
- public_key.as_mut_ptr(),
- private_key.as_mut_ptr(),
- )
- },
- public_key.len(),
- )?;
- Ok((public_key, private_key))
-}
-
-/// Signs the `message` with the give `private_key` using `DiceSign`.
-pub fn sign(message: &[u8], private_key: &[u8; PRIVATE_KEY_SIZE]) -> Result<Signature> {
- let mut signature = [0u8; SIGNATURE_SIZE];
- check_result(
- // SAFETY: The function writes to the `signature` within the given bounds, and only reads
- // the message and the private key. The first argument context is not used in this function.
- unsafe {
- DiceSign(
- ptr::null_mut(), // context
- message.as_ptr(),
- message.len(),
- private_key.as_ptr(),
- signature.as_mut_ptr(),
- )
- },
- signature.len(),
- )?;
- Ok(signature)
-}
-
-/// Verifies the `signature` of the `message` with the given `public_key` using `DiceVerify`.
-pub fn verify(message: &[u8], signature: &Signature, public_key: &PublicKey) -> Result<()> {
- check_result(
- // SAFETY: only reads the messages, signature and public key as constant values.
- // The first argument context is not used in this function.
- unsafe {
- DiceVerify(
- ptr::null_mut(), // context
- message.as_ptr(),
- message.len(),
- signature.as_ptr(),
- public_key.as_ptr(),
- )
- },
- 0,
- )
-}
-
-/// Generates an X.509 certificate from the given `subject_private_key_seed` and
-/// `input_values`, and signed by `authority_private_key_seed`.
-/// The subject private key seed is supplied here so the implementation can choose
-/// between asymmetric mechanisms, for example ECDSA vs Ed25519.
-/// Returns the actual size of the generated certificate.
-pub fn generate_certificate(
- subject_private_key_seed: &[u8; PRIVATE_KEY_SEED_SIZE],
- authority_private_key_seed: &[u8; PRIVATE_KEY_SEED_SIZE],
- input_values: &InputValues,
- certificate: &mut [u8],
-) -> Result<usize> {
- let mut certificate_actual_size = 0;
- check_result(
- // SAFETY: The function writes to the `certificate` within the given bounds, and only reads
- // the input values and the key seeds. The first argument context is not used in this
- // function.
- unsafe {
- DiceGenerateCertificate(
- ptr::null_mut(), // context
- subject_private_key_seed.as_ptr(),
- authority_private_key_seed.as_ptr(),
- input_values.as_ptr(),
- certificate.len(),
- certificate.as_mut_ptr(),
- &mut certificate_actual_size,
- )
- },
- certificate_actual_size,
- )?;
- Ok(certificate_actual_size)
-}
diff --git a/diced/open_dice/src/retry.rs b/diced/open_dice/src/retry.rs
deleted file mode 100644
index a6303bd..0000000
--- a/diced/open_dice/src/retry.rs
+++ /dev/null
@@ -1,141 +0,0 @@
-// Copyright 2023, The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-//! This module implements a retry version for multiple DICE functions that
-//! require preallocated output buffer. As the retry functions require
-//! memory allocation on heap, currently we only expose these functions in
-//! std environment.
-
-use crate::bcc::{bcc_format_config_descriptor, bcc_main_flow, DiceConfigValues};
-use crate::dice::{
- dice_main_flow, Cdi, CdiValues, DiceArtifacts, InputValues, CDI_SIZE, PRIVATE_KEY_SEED_SIZE,
-};
-use crate::error::{DiceError, Result};
-use crate::ops::generate_certificate;
-#[cfg(feature = "alloc")]
-use alloc::vec::Vec;
-
-/// Artifacts stores a set of dice artifacts comprising CDI_ATTEST, CDI_SEAL,
-/// and the BCC formatted attestation certificate chain.
-/// As we align with the DICE standards today, this is the certificate chain
-/// is also called DICE certificate chain.
-#[derive(Debug)]
-pub struct OwnedDiceArtifacts {
- /// CDI Values.
- cdi_values: CdiValues,
- /// Boot Certificate Chain.
- bcc: Vec<u8>,
-}
-
-impl DiceArtifacts for OwnedDiceArtifacts {
- fn cdi_attest(&self) -> &[u8; CDI_SIZE] {
- &self.cdi_values.cdi_attest
- }
-
- fn cdi_seal(&self) -> &[u8; CDI_SIZE] {
- &self.cdi_values.cdi_seal
- }
-
- fn bcc(&self) -> Option<&[u8]> {
- Some(&self.bcc)
- }
-}
-
-/// Retries the given function with bigger measured buffer size.
-fn retry_with_measured_buffer<F>(mut f: F) -> Result<Vec<u8>>
-where
- F: FnMut(&mut Vec<u8>) -> Result<usize>,
-{
- let mut buffer = Vec::new();
- match f(&mut buffer) {
- Err(DiceError::BufferTooSmall(actual_size)) => {
- buffer.resize(actual_size, 0);
- f(&mut buffer)?;
- }
- Err(e) => return Err(e),
- Ok(_) => {}
- };
- Ok(buffer)
-}
-
-/// Formats a configuration descriptor following the BCC's specification.
-pub fn retry_bcc_format_config_descriptor(values: &DiceConfigValues) -> Result<Vec<u8>> {
- retry_with_measured_buffer(|buffer| bcc_format_config_descriptor(values, buffer))
-}
-
-/// Executes the main BCC flow.
-///
-/// Given a full set of input values along with the current BCC and CDI values,
-/// computes the next CDI values and matching updated BCC.
-pub fn retry_bcc_main_flow(
- current_cdi_attest: &Cdi,
- current_cdi_seal: &Cdi,
- bcc: &[u8],
- input_values: &InputValues,
-) -> Result<OwnedDiceArtifacts> {
- let mut next_cdi_values = CdiValues::default();
- let next_bcc = retry_with_measured_buffer(|next_bcc| {
- bcc_main_flow(
- current_cdi_attest,
- current_cdi_seal,
- bcc,
- input_values,
- &mut next_cdi_values,
- next_bcc,
- )
- })?;
- Ok(OwnedDiceArtifacts { cdi_values: next_cdi_values, bcc: next_bcc })
-}
-
-/// Executes the main DICE flow.
-///
-/// Given a full set of input values and the current CDI values, computes the
-/// next CDI values and a matching certificate.
-pub fn retry_dice_main_flow(
- current_cdi_attest: &Cdi,
- current_cdi_seal: &Cdi,
- input_values: &InputValues,
-) -> Result<(CdiValues, Vec<u8>)> {
- let mut next_cdi_values = CdiValues::default();
- let next_cdi_certificate = retry_with_measured_buffer(|next_cdi_certificate| {
- dice_main_flow(
- current_cdi_attest,
- current_cdi_seal,
- input_values,
- next_cdi_certificate,
- &mut next_cdi_values,
- )
- })?;
- Ok((next_cdi_values, next_cdi_certificate))
-}
-
-/// Generates an X.509 certificate from the given `subject_private_key_seed` and
-/// `input_values`, and signed by `authority_private_key_seed`.
-/// The subject private key seed is supplied here so the implementation can choose
-/// between asymmetric mechanisms, for example ECDSA vs Ed25519.
-/// Returns the generated certificate.
-pub fn retry_generate_certificate(
- subject_private_key_seed: &[u8; PRIVATE_KEY_SEED_SIZE],
- authority_private_key_seed: &[u8; PRIVATE_KEY_SEED_SIZE],
- input_values: &InputValues,
-) -> Result<Vec<u8>> {
- retry_with_measured_buffer(|certificate| {
- generate_certificate(
- subject_private_key_seed,
- authority_private_key_seed,
- input_values,
- certificate,
- )
- })
-}
diff --git a/diced/open_dice/tests/api_test.rs b/diced/open_dice/tests/api_test.rs
deleted file mode 100644
index a47265b..0000000
--- a/diced/open_dice/tests/api_test.rs
+++ /dev/null
@@ -1,107 +0,0 @@
-/*
- * Copyright (C) 2023 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-use diced_open_dice::{
- derive_cdi_certificate_id, derive_cdi_private_key_seed, hash, kdf, keypair_from_seed, sign,
- verify, CDI_SIZE, HASH_SIZE, ID_SIZE, PRIVATE_KEY_SEED_SIZE,
-};
-
-#[test]
-fn hash_succeeds() {
- const EXPECTED_HASH: [u8; HASH_SIZE] = [
- 0x30, 0x9e, 0xcc, 0x48, 0x9c, 0x12, 0xd6, 0xeb, 0x4c, 0xc4, 0x0f, 0x50, 0xc9, 0x02, 0xf2,
- 0xb4, 0xd0, 0xed, 0x77, 0xee, 0x51, 0x1a, 0x7c, 0x7a, 0x9b, 0xcd, 0x3c, 0xa8, 0x6d, 0x4c,
- 0xd8, 0x6f, 0x98, 0x9d, 0xd3, 0x5b, 0xc5, 0xff, 0x49, 0x96, 0x70, 0xda, 0x34, 0x25, 0x5b,
- 0x45, 0xb0, 0xcf, 0xd8, 0x30, 0xe8, 0x1f, 0x60, 0x5d, 0xcf, 0x7d, 0xc5, 0x54, 0x2e, 0x93,
- 0xae, 0x9c, 0xd7, 0x6f,
- ];
- assert_eq!(EXPECTED_HASH, hash(b"hello world").expect("hash failed"));
-}
-
-#[test]
-fn kdf_succeeds() {
- let mut derived_key = [0u8; PRIVATE_KEY_SEED_SIZE];
- kdf(b"myInitialKeyMaterial", b"mySalt", b"myInfo", &mut derived_key).unwrap();
- const EXPECTED_DERIVED_KEY: [u8; PRIVATE_KEY_SEED_SIZE] = [
- 0x91, 0x9b, 0x8d, 0x29, 0xc4, 0x1b, 0x93, 0xd7, 0xeb, 0x09, 0xfa, 0xd7, 0xc9, 0x87, 0xb0,
- 0xd1, 0xcc, 0x26, 0xef, 0x07, 0x83, 0x42, 0xcf, 0xa3, 0x45, 0x0a, 0x57, 0xe9, 0x19, 0x86,
- 0xef, 0x48,
- ];
- assert_eq!(EXPECTED_DERIVED_KEY, derived_key);
-}
-
-#[test]
-fn derive_cdi_certificate_id_succeeds() {
- const EXPECTED_ID: [u8; ID_SIZE] = [
- 0x7a, 0x36, 0x45, 0x2c, 0x02, 0xf6, 0x2b, 0xec, 0xf9, 0x80, 0x06, 0x75, 0x87, 0xa5, 0xc1,
- 0x44, 0x0c, 0xd3, 0xc0, 0x6d,
- ];
- assert_eq!(EXPECTED_ID, derive_cdi_certificate_id(b"MyPubKey").unwrap());
-}
-
-const EXPECTED_SEED: &[u8] = &[
- 0xfa, 0x3c, 0x2f, 0x58, 0x37, 0xf5, 0x8e, 0x96, 0x16, 0x09, 0xf5, 0x22, 0xa1, 0xf1, 0xba, 0xaa,
- 0x19, 0x95, 0x01, 0x79, 0x2e, 0x60, 0x56, 0xaf, 0xf6, 0x41, 0xe7, 0xff, 0x48, 0xf5, 0x3a, 0x08,
- 0x84, 0x8a, 0x98, 0x85, 0x6d, 0xf5, 0x69, 0x21, 0x03, 0xcd, 0x09, 0xc3, 0x28, 0xd6, 0x06, 0xa7,
- 0x57, 0xbd, 0x48, 0x4b, 0x0f, 0x79, 0x0f, 0xf8, 0x2f, 0xf0, 0x0a, 0x41, 0x94, 0xd8, 0x8c, 0xa8,
-];
-
-const EXPECTED_CDI_ATTEST: &[u8] = &[
- 0xfa, 0x3c, 0x2f, 0x58, 0x37, 0xf5, 0x8e, 0x96, 0x16, 0x09, 0xf5, 0x22, 0xa1, 0xf1, 0xba, 0xaa,
- 0x19, 0x95, 0x01, 0x79, 0x2e, 0x60, 0x56, 0xaf, 0xf6, 0x41, 0xe7, 0xff, 0x48, 0xf5, 0x3a, 0x08,
-];
-
-const EXPECTED_CDI_PRIVATE_KEY_SEED: &[u8] = &[
- 0x5f, 0xcc, 0x8e, 0x1a, 0xd1, 0xc2, 0xb3, 0xe9, 0xfb, 0xe1, 0x68, 0xf0, 0xf6, 0x98, 0xfe, 0x0d,
- 0xee, 0xd4, 0xb5, 0x18, 0xcb, 0x59, 0x70, 0x2d, 0xee, 0x06, 0xe5, 0x70, 0xf1, 0x72, 0x02, 0x6e,
-];
-
-const EXPECTED_PUB_KEY: &[u8] = &[
- 0x47, 0x42, 0x4b, 0xbd, 0xd7, 0x23, 0xb4, 0xcd, 0xca, 0xe2, 0x8e, 0xdc, 0x6b, 0xfc, 0x23, 0xc9,
- 0x21, 0x5c, 0x48, 0x21, 0x47, 0xee, 0x5b, 0xfa, 0xaf, 0x88, 0x9a, 0x52, 0xf1, 0x61, 0x06, 0x37,
-];
-const EXPECTED_PRIV_KEY: &[u8] = &[
- 0x5f, 0xcc, 0x8e, 0x1a, 0xd1, 0xc2, 0xb3, 0xe9, 0xfb, 0xe1, 0x68, 0xf0, 0xf6, 0x98, 0xfe, 0x0d,
- 0xee, 0xd4, 0xb5, 0x18, 0xcb, 0x59, 0x70, 0x2d, 0xee, 0x06, 0xe5, 0x70, 0xf1, 0x72, 0x02, 0x6e,
- 0x47, 0x42, 0x4b, 0xbd, 0xd7, 0x23, 0xb4, 0xcd, 0xca, 0xe2, 0x8e, 0xdc, 0x6b, 0xfc, 0x23, 0xc9,
- 0x21, 0x5c, 0x48, 0x21, 0x47, 0xee, 0x5b, 0xfa, 0xaf, 0x88, 0x9a, 0x52, 0xf1, 0x61, 0x06, 0x37,
-];
-
-const EXPECTED_SIGNATURE: &[u8] = &[
- 0x44, 0xae, 0xcc, 0xe2, 0xb9, 0x96, 0x18, 0x39, 0x0e, 0x61, 0x0f, 0x53, 0x07, 0xbf, 0xf2, 0x32,
- 0x3d, 0x44, 0xd4, 0xf2, 0x07, 0x23, 0x30, 0x85, 0x32, 0x18, 0xd2, 0x69, 0xb8, 0x29, 0x3c, 0x26,
- 0xe6, 0x0d, 0x9c, 0xa5, 0xc2, 0x73, 0xcd, 0x8c, 0xb8, 0x3c, 0x3e, 0x5b, 0xfd, 0x62, 0x8d, 0xf6,
- 0xc4, 0x27, 0xa6, 0xe9, 0x11, 0x06, 0x5a, 0xb2, 0x2b, 0x64, 0xf7, 0xfc, 0xbb, 0xab, 0x4a, 0x0e,
-];
-
-#[test]
-fn hash_derive_sign_verify() {
- let seed = hash(b"MySeedString").unwrap();
- assert_eq!(seed, EXPECTED_SEED);
- let cdi_attest = &seed[..CDI_SIZE];
- assert_eq!(cdi_attest, EXPECTED_CDI_ATTEST);
- let cdi_private_key_seed = derive_cdi_private_key_seed(cdi_attest.try_into().unwrap()).unwrap();
- assert_eq!(cdi_private_key_seed.as_array(), EXPECTED_CDI_PRIVATE_KEY_SEED);
- let (pub_key, priv_key) = keypair_from_seed(cdi_private_key_seed.as_array()).unwrap();
- assert_eq!(&pub_key, EXPECTED_PUB_KEY);
- assert_eq!(priv_key.as_array(), EXPECTED_PRIV_KEY);
- let mut signature = sign(b"MyMessage", priv_key.as_array()).unwrap();
- assert_eq!(&signature, EXPECTED_SIGNATURE);
- assert!(verify(b"MyMessage", &signature, &pub_key).is_ok());
- assert!(verify(b"MyMessage_fail", &signature, &pub_key).is_err());
- signature[0] += 1;
- assert!(verify(b"MyMessage", &signature, &pub_key).is_err());
-}
diff --git a/diced/sample_inputs/Android.bp b/diced/sample_inputs/Android.bp
deleted file mode 100644
index e66d436..0000000
--- a/diced/sample_inputs/Android.bp
+++ /dev/null
@@ -1,81 +0,0 @@
-// Copyright 2021, The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package {
- // See: http://go/android-license-faq
- // A large-scale-change added 'default_applicable_licenses' to import
- // all of the 'license_kinds' from "system_security_license"
- // to get the below license kinds:
- // SPDX-license-identifier-Apache-2.0
- default_applicable_licenses: ["system_security_license"],
-}
-
-rust_defaults {
- name: "libdiced_sample_inputs_defaults",
- crate_name: "diced_sample_inputs",
- srcs: ["src/lib.rs"],
-}
-
-rust_library {
- name: "libdiced_sample_inputs",
- defaults: ["libdiced_sample_inputs_defaults"],
- features: [
- "std",
- ],
- rustlibs: [
- "libciborium",
- "libcoset",
- "libdiced_open_dice",
- "liblog_rust",
- ],
-}
-
-rust_library_rlib {
- name: "libdiced_sample_inputs_nostd",
- defaults: ["libdiced_sample_inputs_defaults"],
- rustlibs: [
- "libciborium_nostd",
- "libcoset_nostd",
- "libdiced_open_dice_nostd",
- "liblog_rust_nostd",
- ],
- visibility: [
- "//packages/modules/Virtualization:__subpackages__",
- ],
-}
-
-rust_defaults {
- name: "libdiced_sample_inputs_test_defaults",
- crate_name: "diced_sample_inputs_test",
- srcs: ["tests/*.rs"],
- test_suites: ["general-tests"],
-}
-
-rust_test {
- name: "libdiced_sample_inputs.integration_test",
- defaults: ["libdiced_sample_inputs_test_defaults"],
- rustlibs: [
- "libdiced_open_dice",
- "libdiced_sample_inputs",
- ],
-}
-
-rust_test {
- name: "libdiced_sample_inputs_nostd.integration_test",
- defaults: ["libdiced_sample_inputs_test_defaults"],
- rustlibs: [
- "libdiced_open_dice_nostd",
- "libdiced_sample_inputs_nostd",
- ],
-}
diff --git a/diced/sample_inputs/src/lib.rs b/diced/sample_inputs/src/lib.rs
deleted file mode 100644
index 9d6deca..0000000
--- a/diced/sample_inputs/src/lib.rs
+++ /dev/null
@@ -1,26 +0,0 @@
-/*
- * Copyright (C) 2023 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-//! Provides a set of sample inputs for a DICE chain and CDI values derived
-//! from it.
-
-#![cfg_attr(not(feature = "std"), no_std)]
-
-extern crate alloc;
-
-mod sample_inputs;
-
-pub use sample_inputs::make_sample_bcc_and_cdis;
diff --git a/diced/sample_inputs/src/sample_inputs.rs b/diced/sample_inputs/src/sample_inputs.rs
deleted file mode 100644
index 54f551b..0000000
--- a/diced/sample_inputs/src/sample_inputs.rs
+++ /dev/null
@@ -1,200 +0,0 @@
-// Copyright 2021, The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-//! This module provides a set of sample input values for a DICE chain, a sample UDS,
-//! as well as tuple of CDIs and BCC derived thereof.
-
-use alloc::vec;
-use alloc::vec::Vec;
-use ciborium::{de, ser, value::Value};
-use core::ffi::CStr;
-use coset::{iana, Algorithm, AsCborValue, CoseKey, KeyOperation, KeyType, Label};
-use diced_open_dice::{
- derive_cdi_private_key_seed, keypair_from_seed, retry_bcc_format_config_descriptor,
- retry_bcc_main_flow, retry_dice_main_flow, Config, DiceArtifacts, DiceConfigValues, DiceError,
- DiceMode, InputValues, OwnedDiceArtifacts, Result, CDI_SIZE, HASH_SIZE, HIDDEN_SIZE,
-};
-use log::error;
-
-/// Sample UDS used to perform the root dice flow by `make_sample_bcc_and_cdis`.
-const UDS: &[u8; CDI_SIZE] = &[
- 0x65, 0x4f, 0xab, 0xa9, 0xa5, 0xad, 0x0f, 0x5e, 0x15, 0xc3, 0x12, 0xf7, 0x77, 0x45, 0xfa, 0x55,
- 0x18, 0x6a, 0xa6, 0x34, 0xb6, 0x7c, 0x82, 0x7b, 0x89, 0x4c, 0xc5, 0x52, 0xd3, 0x27, 0x35, 0x8e,
-];
-
-const CODE_HASH_ABL: [u8; HASH_SIZE] = [
- 0x16, 0x48, 0xf2, 0x55, 0x53, 0x23, 0xdd, 0x15, 0x2e, 0x83, 0x38, 0xc3, 0x64, 0x38, 0x63, 0x26,
- 0x0f, 0xcf, 0x5b, 0xd1, 0x3a, 0xd3, 0x40, 0x3e, 0x23, 0xf8, 0x34, 0x4c, 0x6d, 0xa2, 0xbe, 0x25,
- 0x1c, 0xb0, 0x29, 0xe8, 0xc3, 0xfb, 0xb8, 0x80, 0xdc, 0xb1, 0xd2, 0xb3, 0x91, 0x4d, 0xd3, 0xfb,
- 0x01, 0x0f, 0xe4, 0xe9, 0x46, 0xa2, 0xc0, 0x26, 0x57, 0x5a, 0xba, 0x30, 0xf7, 0x15, 0x98, 0x14,
-];
-const AUTHORITY_HASH_ABL: [u8; HASH_SIZE] = [
- 0xf9, 0x00, 0x9d, 0xc2, 0x59, 0x09, 0xe0, 0xb6, 0x98, 0xbd, 0xe3, 0x97, 0x4a, 0xcb, 0x3c, 0xe7,
- 0x6b, 0x24, 0xc3, 0xe4, 0x98, 0xdd, 0xa9, 0x6a, 0x41, 0x59, 0x15, 0xb1, 0x23, 0xe6, 0xc8, 0xdf,
- 0xfb, 0x52, 0xb4, 0x52, 0xc1, 0xb9, 0x61, 0xdd, 0xbc, 0x5b, 0x37, 0x0e, 0x12, 0x12, 0xb2, 0xfd,
- 0xc1, 0x09, 0xb0, 0xcf, 0x33, 0x81, 0x4c, 0xc6, 0x29, 0x1b, 0x99, 0xea, 0xae, 0xfd, 0xaa, 0x0d,
-];
-const HIDDEN_ABL: [u8; HIDDEN_SIZE] = [
- 0xa2, 0x01, 0xd0, 0xc0, 0xaa, 0x75, 0x3c, 0x06, 0x43, 0x98, 0x6c, 0xc3, 0x5a, 0xb5, 0x5f, 0x1f,
- 0x0f, 0x92, 0x44, 0x3b, 0x0e, 0xd4, 0x29, 0x75, 0xe3, 0xdb, 0x36, 0xda, 0xc8, 0x07, 0x97, 0x4d,
- 0xff, 0xbc, 0x6a, 0xa4, 0x8a, 0xef, 0xc4, 0x7f, 0xf8, 0x61, 0x7d, 0x51, 0x4d, 0x2f, 0xdf, 0x7e,
- 0x8c, 0x3d, 0xa3, 0xfc, 0x63, 0xd4, 0xd4, 0x74, 0x8a, 0xc4, 0x14, 0x45, 0x83, 0x6b, 0x12, 0x7e,
-];
-const CODE_HASH_AVB: [u8; HASH_SIZE] = [
- 0xa4, 0x0c, 0xcb, 0xc1, 0xbf, 0xfa, 0xcc, 0xfd, 0xeb, 0xf4, 0xfc, 0x43, 0x83, 0x7f, 0x46, 0x8d,
- 0xd8, 0xd8, 0x14, 0xc1, 0x96, 0x14, 0x1f, 0x6e, 0xb3, 0xa0, 0xd9, 0x56, 0xb3, 0xbf, 0x2f, 0xfa,
- 0x88, 0x70, 0x11, 0x07, 0x39, 0xa4, 0xd2, 0xa9, 0x6b, 0x18, 0x28, 0xe8, 0x29, 0x20, 0x49, 0x0f,
- 0xbb, 0x8d, 0x08, 0x8c, 0xc6, 0x54, 0xe9, 0x71, 0xd2, 0x7e, 0xa4, 0xfe, 0x58, 0x7f, 0xd3, 0xc7,
-];
-const AUTHORITY_HASH_AVB: [u8; HASH_SIZE] = [
- 0xb2, 0x69, 0x05, 0x48, 0x56, 0xb5, 0xfa, 0x55, 0x6f, 0xac, 0x56, 0xd9, 0x02, 0x35, 0x2b, 0xaa,
- 0x4c, 0xba, 0x28, 0xdd, 0x82, 0x3a, 0x86, 0xf5, 0xd4, 0xc2, 0xf1, 0xf9, 0x35, 0x7d, 0xe4, 0x43,
- 0x13, 0xbf, 0xfe, 0xd3, 0x36, 0xd8, 0x1c, 0x12, 0x78, 0x5c, 0x9c, 0x3e, 0xf6, 0x66, 0xef, 0xab,
- 0x3d, 0x0f, 0x89, 0xa4, 0x6f, 0xc9, 0x72, 0xee, 0x73, 0x43, 0x02, 0x8a, 0xef, 0xbc, 0x05, 0x98,
-];
-const HIDDEN_AVB: [u8; HIDDEN_SIZE] = [
- 0x5b, 0x3f, 0xc9, 0x6b, 0xe3, 0x95, 0x59, 0x40, 0x5e, 0x64, 0xe5, 0x64, 0x3f, 0xfd, 0x21, 0x09,
- 0x9d, 0xf3, 0xcd, 0xc7, 0xa4, 0x2a, 0xe2, 0x97, 0xdd, 0xe2, 0x4f, 0xb0, 0x7d, 0x7e, 0xf5, 0x8e,
- 0xd6, 0x4d, 0x84, 0x25, 0x54, 0x41, 0x3f, 0x8f, 0x78, 0x64, 0x1a, 0x51, 0x27, 0x9d, 0x55, 0x8a,
- 0xe9, 0x90, 0x35, 0xab, 0x39, 0x80, 0x4b, 0x94, 0x40, 0x84, 0xa2, 0xfd, 0x73, 0xeb, 0x35, 0x7a,
-];
-const AUTHORITY_HASH_ANDROID: [u8; HASH_SIZE] = [
- 0x04, 0x25, 0x5d, 0x60, 0x5f, 0x5c, 0x45, 0x0d, 0xf2, 0x9a, 0x6e, 0x99, 0x30, 0x03, 0xb8, 0xd6,
- 0xe1, 0x99, 0x71, 0x1b, 0xf8, 0x44, 0xfa, 0xb5, 0x31, 0x79, 0x1c, 0x37, 0x68, 0x4e, 0x1d, 0xc0,
- 0x24, 0x74, 0x68, 0xf8, 0x80, 0x20, 0x3e, 0x44, 0xb1, 0x43, 0xd2, 0x9c, 0xfc, 0x12, 0x9e, 0x77,
- 0x0a, 0xde, 0x29, 0x24, 0xff, 0x2e, 0xfa, 0xc7, 0x10, 0xd5, 0x73, 0xd4, 0xc6, 0xdf, 0x62, 0x9f,
-];
-
-fn ed25519_public_key_to_cbor_value(public_key: &[u8]) -> Result<Value> {
- let key = CoseKey {
- kty: KeyType::Assigned(iana::KeyType::OKP),
- alg: Some(Algorithm::Assigned(iana::Algorithm::EdDSA)),
- key_ops: vec![KeyOperation::Assigned(iana::KeyOperation::Verify)].into_iter().collect(),
- params: vec![
- (
- Label::Int(iana::Ec2KeyParameter::Crv as i64),
- Value::from(iana::EllipticCurve::Ed25519 as u64),
- ),
- (Label::Int(iana::Ec2KeyParameter::X as i64), Value::Bytes(public_key.to_vec())),
- ],
- ..Default::default()
- };
- key.to_cbor_value().map_err(|e| {
- error!("Failed to serialize the key to CBOR data: {e}");
- DiceError::InvalidInput
- })
-}
-
-/// Makes a DICE chain (BCC) from the sample input.
-///
-/// The DICE chain is of the following format:
-/// public key derived from UDS -> ABL certificate -> AVB certificate -> Android certificate
-pub fn make_sample_bcc_and_cdis() -> Result<OwnedDiceArtifacts> {
- let private_key_seed = derive_cdi_private_key_seed(UDS).map_err(|e| {
- error!("In make_sample_bcc_and_cdis: Trying to derive private key seed. Error: {e}");
- e
- })?;
-
- // Gets the root public key in DICE chain (BCC).
- let (public_key, _) = keypair_from_seed(private_key_seed.as_array()).map_err(|e| {
- error!("In make_sample_bcc_and_cids: Failed to generate key pair. Error: {e}");
- e
- })?;
- let ed25519_public_key_value = ed25519_public_key_to_cbor_value(&public_key)?;
-
- // Gets the ABL certificate to as the root certificate of DICE chain.
- let config_values = DiceConfigValues {
- component_name: Some(CStr::from_bytes_with_nul(b"ABL\0").unwrap()),
- component_version: Some(1),
- resettable: true,
- ..Default::default()
- };
- let config_descriptor = retry_bcc_format_config_descriptor(&config_values)?;
- let input_values = InputValues::new(
- CODE_HASH_ABL,
- Config::Descriptor(config_descriptor.as_slice()),
- AUTHORITY_HASH_ABL,
- DiceMode::kDiceModeNormal,
- HIDDEN_ABL,
- );
- let (cdi_values, cert) = retry_dice_main_flow(UDS, UDS, &input_values).map_err(|e| {
- error!("In make_sample_bcc_and_cdis: Trying to run first main flow. Error: {e}");
- e
- })?;
- let bcc_value = Value::Array(vec![
- ed25519_public_key_value,
- de::from_reader(&cert[..]).map_err(|e| {
- error!("Deserialize root DICE certificate failed: {e}");
- DiceError::InvalidInput
- })?,
- ]);
- let mut bcc: Vec<u8> = vec![];
- ser::into_writer(&bcc_value, &mut bcc).map_err(|e| {
- error!("Serialize BCC failed: {e}");
- DiceError::InvalidInput
- })?;
-
- // Appends AVB certificate to DICE chain.
- let config_values = DiceConfigValues {
- component_name: Some(CStr::from_bytes_with_nul(b"AVB\0").unwrap()),
- component_version: Some(1),
- resettable: true,
- ..Default::default()
- };
- let config_descriptor = retry_bcc_format_config_descriptor(&config_values)?;
- let input_values = InputValues::new(
- CODE_HASH_AVB,
- Config::Descriptor(config_descriptor.as_slice()),
- AUTHORITY_HASH_AVB,
- DiceMode::kDiceModeNormal,
- HIDDEN_AVB,
- );
- let dice_artifacts =
- retry_bcc_main_flow(&cdi_values.cdi_attest, &cdi_values.cdi_seal, &bcc, &input_values)
- .map_err(|e| {
- error!(
- "In make_sample_bcc_and_cdis: Trying to run first bcc main flow. Error: {e}"
- );
- e
- })?;
-
- // Appends Android certificate to DICE chain.
- let config_values = DiceConfigValues {
- component_name: Some(CStr::from_bytes_with_nul(b"Android\0").unwrap()),
- component_version: Some(12),
- resettable: true,
- ..Default::default()
- };
- let config_descriptor = retry_bcc_format_config_descriptor(&config_values)?;
- let input_values = InputValues::new(
- [0u8; HASH_SIZE], // code_hash
- Config::Descriptor(config_descriptor.as_slice()),
- AUTHORITY_HASH_ANDROID,
- DiceMode::kDiceModeNormal,
- [0u8; HIDDEN_SIZE], // hidden
- );
- retry_bcc_main_flow(
- dice_artifacts.cdi_attest(),
- dice_artifacts.cdi_seal(),
- dice_artifacts.bcc().ok_or_else(|| {
- error!("bcc is none");
- DiceError::InvalidInput
- })?,
- &input_values,
- )
- .map_err(|e| {
- error!("In make_sample_bcc_and_cdis: Trying to run second bcc main flow. Error: {e}");
- e
- })
-}
diff --git a/diced/sample_inputs/tests/api_test.rs b/diced/sample_inputs/tests/api_test.rs
deleted file mode 100644
index f0d6c0d..0000000
--- a/diced/sample_inputs/tests/api_test.rs
+++ /dev/null
@@ -1,131 +0,0 @@
-/*
- * Copyright (C) 2023 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-use diced_open_dice::DiceArtifacts;
-use diced_sample_inputs::make_sample_bcc_and_cdis;
-
-const EXPECTED_SAMPLE_CDI_ATTEST: &[u8] = &[
- 0x3e, 0x57, 0x65, 0x5d, 0x48, 0x02, 0xbd, 0x5c, 0x66, 0xcc, 0x1f, 0x0f, 0xbe, 0x5e, 0x32, 0xb6,
- 0x9e, 0x3d, 0x04, 0xaf, 0x00, 0x15, 0xbc, 0xdd, 0x1f, 0xbc, 0x59, 0xe4, 0xc3, 0x87, 0x95, 0x5e,
-];
-
-const EXPECTED_SAMPLE_CDI_SEAL: &[u8] = &[
- 0x36, 0x1b, 0xd2, 0xb3, 0xc4, 0xda, 0x77, 0xb2, 0x9c, 0xba, 0x39, 0x53, 0x82, 0x93, 0xd9, 0xb8,
- 0x9f, 0x73, 0x2d, 0x27, 0x06, 0x15, 0xa8, 0xcb, 0x6d, 0x1d, 0xf2, 0xb1, 0x54, 0xbb, 0x62, 0xf1,
-];
-
-const EXPECTED_SAMPLE_BCC: &[u8] = &[
- 0x84, 0xa5, 0x01, 0x01, 0x03, 0x27, 0x04, 0x81, 0x02, 0x20, 0x06, 0x21, 0x58, 0x20, 0x3e, 0x85,
- 0xe5, 0x72, 0x75, 0x55, 0xe5, 0x1e, 0xe7, 0xf3, 0x35, 0x94, 0x8e, 0xbb, 0xbd, 0x74, 0x1e, 0x1d,
- 0xca, 0x49, 0x9c, 0x97, 0x39, 0x77, 0x06, 0xd3, 0xc8, 0x6e, 0x8b, 0xd7, 0x33, 0xf9, 0x84, 0x43,
- 0xa1, 0x01, 0x27, 0xa0, 0x59, 0x01, 0x8a, 0xa9, 0x01, 0x78, 0x28, 0x34, 0x32, 0x64, 0x38, 0x38,
- 0x36, 0x34, 0x66, 0x39, 0x37, 0x62, 0x36, 0x35, 0x34, 0x37, 0x61, 0x35, 0x30, 0x63, 0x31, 0x65,
- 0x30, 0x61, 0x37, 0x34, 0x39, 0x66, 0x38, 0x65, 0x66, 0x38, 0x62, 0x38, 0x31, 0x65, 0x63, 0x36,
- 0x32, 0x61, 0x66, 0x02, 0x78, 0x28, 0x31, 0x66, 0x36, 0x39, 0x36, 0x66, 0x30, 0x37, 0x32, 0x35,
- 0x32, 0x66, 0x32, 0x39, 0x65, 0x39, 0x33, 0x66, 0x65, 0x34, 0x64, 0x65, 0x31, 0x39, 0x65, 0x65,
- 0x33, 0x32, 0x63, 0x64, 0x38, 0x31, 0x64, 0x63, 0x34, 0x30, 0x34, 0x65, 0x37, 0x36, 0x3a, 0x00,
- 0x47, 0x44, 0x50, 0x58, 0x40, 0x16, 0x48, 0xf2, 0x55, 0x53, 0x23, 0xdd, 0x15, 0x2e, 0x83, 0x38,
- 0xc3, 0x64, 0x38, 0x63, 0x26, 0x0f, 0xcf, 0x5b, 0xd1, 0x3a, 0xd3, 0x40, 0x3e, 0x23, 0xf8, 0x34,
- 0x4c, 0x6d, 0xa2, 0xbe, 0x25, 0x1c, 0xb0, 0x29, 0xe8, 0xc3, 0xfb, 0xb8, 0x80, 0xdc, 0xb1, 0xd2,
- 0xb3, 0x91, 0x4d, 0xd3, 0xfb, 0x01, 0x0f, 0xe4, 0xe9, 0x46, 0xa2, 0xc0, 0x26, 0x57, 0x5a, 0xba,
- 0x30, 0xf7, 0x15, 0x98, 0x14, 0x3a, 0x00, 0x47, 0x44, 0x53, 0x56, 0xa3, 0x3a, 0x00, 0x01, 0x11,
- 0x71, 0x63, 0x41, 0x42, 0x4c, 0x3a, 0x00, 0x01, 0x11, 0x72, 0x01, 0x3a, 0x00, 0x01, 0x11, 0x73,
- 0xf6, 0x3a, 0x00, 0x47, 0x44, 0x52, 0x58, 0x40, 0x47, 0xae, 0x42, 0x27, 0x4c, 0xcb, 0x65, 0x4d,
- 0xee, 0x74, 0x2d, 0x05, 0x78, 0x2a, 0x08, 0x2a, 0xa5, 0xf0, 0xcf, 0xea, 0x3e, 0x60, 0xee, 0x97,
- 0x11, 0x4b, 0x5b, 0xe6, 0x05, 0x0c, 0xe8, 0x90, 0xf5, 0x22, 0xc4, 0xc6, 0x67, 0x7a, 0x22, 0x27,
- 0x17, 0xb3, 0x79, 0xcc, 0x37, 0x64, 0x5e, 0x19, 0x4f, 0x96, 0x37, 0x67, 0x3c, 0xd0, 0xc5, 0xed,
- 0x0f, 0xdd, 0xe7, 0x2e, 0x4f, 0x70, 0x97, 0x30, 0x3a, 0x00, 0x47, 0x44, 0x54, 0x58, 0x40, 0xf9,
- 0x00, 0x9d, 0xc2, 0x59, 0x09, 0xe0, 0xb6, 0x98, 0xbd, 0xe3, 0x97, 0x4a, 0xcb, 0x3c, 0xe7, 0x6b,
- 0x24, 0xc3, 0xe4, 0x98, 0xdd, 0xa9, 0x6a, 0x41, 0x59, 0x15, 0xb1, 0x23, 0xe6, 0xc8, 0xdf, 0xfb,
- 0x52, 0xb4, 0x52, 0xc1, 0xb9, 0x61, 0xdd, 0xbc, 0x5b, 0x37, 0x0e, 0x12, 0x12, 0xb2, 0xfd, 0xc1,
- 0x09, 0xb0, 0xcf, 0x33, 0x81, 0x4c, 0xc6, 0x29, 0x1b, 0x99, 0xea, 0xae, 0xfd, 0xaa, 0x0d, 0x3a,
- 0x00, 0x47, 0x44, 0x56, 0x41, 0x01, 0x3a, 0x00, 0x47, 0x44, 0x57, 0x58, 0x2d, 0xa5, 0x01, 0x01,
- 0x03, 0x27, 0x04, 0x81, 0x02, 0x20, 0x06, 0x21, 0x58, 0x20, 0xb1, 0x02, 0xcc, 0x2c, 0xb2, 0x6a,
- 0x3b, 0xe9, 0xc1, 0xd3, 0x95, 0x10, 0xa0, 0xe1, 0xff, 0x51, 0xde, 0x57, 0xd5, 0x65, 0x28, 0xfd,
- 0x7f, 0xeb, 0xd4, 0xca, 0x15, 0xf3, 0xca, 0xdf, 0x37, 0x88, 0x3a, 0x00, 0x47, 0x44, 0x58, 0x41,
- 0x20, 0x58, 0x40, 0x58, 0xd8, 0x03, 0x24, 0x53, 0x60, 0x57, 0xa9, 0x09, 0xfa, 0xab, 0xdc, 0x57,
- 0x1e, 0xf0, 0xe5, 0x1e, 0x51, 0x6f, 0x9e, 0xa3, 0x42, 0xe6, 0x6a, 0x8c, 0xaa, 0xad, 0x08, 0x48,
- 0xde, 0x7f, 0x4f, 0x6e, 0x2f, 0x7f, 0x39, 0x6c, 0xa1, 0xf8, 0x42, 0x71, 0xfe, 0x17, 0x3d, 0xca,
- 0x31, 0x83, 0x92, 0xed, 0xbb, 0x40, 0xb8, 0x10, 0xe0, 0xf2, 0x5a, 0x99, 0x53, 0x38, 0x46, 0x33,
- 0x97, 0x78, 0x05, 0x84, 0x43, 0xa1, 0x01, 0x27, 0xa0, 0x59, 0x01, 0x8a, 0xa9, 0x01, 0x78, 0x28,
- 0x31, 0x66, 0x36, 0x39, 0x36, 0x66, 0x30, 0x37, 0x32, 0x35, 0x32, 0x66, 0x32, 0x39, 0x65, 0x39,
- 0x33, 0x66, 0x65, 0x34, 0x64, 0x65, 0x31, 0x39, 0x65, 0x65, 0x33, 0x32, 0x63, 0x64, 0x38, 0x31,
- 0x64, 0x63, 0x34, 0x30, 0x34, 0x65, 0x37, 0x36, 0x02, 0x78, 0x28, 0x32, 0x35, 0x39, 0x34, 0x38,
- 0x39, 0x65, 0x36, 0x39, 0x37, 0x34, 0x38, 0x37, 0x30, 0x35, 0x64, 0x65, 0x33, 0x65, 0x32, 0x66,
- 0x34, 0x34, 0x32, 0x36, 0x37, 0x65, 0x61, 0x34, 0x39, 0x33, 0x38, 0x66, 0x66, 0x36, 0x61, 0x35,
- 0x37, 0x32, 0x35, 0x3a, 0x00, 0x47, 0x44, 0x50, 0x58, 0x40, 0xa4, 0x0c, 0xcb, 0xc1, 0xbf, 0xfa,
- 0xcc, 0xfd, 0xeb, 0xf4, 0xfc, 0x43, 0x83, 0x7f, 0x46, 0x8d, 0xd8, 0xd8, 0x14, 0xc1, 0x96, 0x14,
- 0x1f, 0x6e, 0xb3, 0xa0, 0xd9, 0x56, 0xb3, 0xbf, 0x2f, 0xfa, 0x88, 0x70, 0x11, 0x07, 0x39, 0xa4,
- 0xd2, 0xa9, 0x6b, 0x18, 0x28, 0xe8, 0x29, 0x20, 0x49, 0x0f, 0xbb, 0x8d, 0x08, 0x8c, 0xc6, 0x54,
- 0xe9, 0x71, 0xd2, 0x7e, 0xa4, 0xfe, 0x58, 0x7f, 0xd3, 0xc7, 0x3a, 0x00, 0x47, 0x44, 0x53, 0x56,
- 0xa3, 0x3a, 0x00, 0x01, 0x11, 0x71, 0x63, 0x41, 0x56, 0x42, 0x3a, 0x00, 0x01, 0x11, 0x72, 0x01,
- 0x3a, 0x00, 0x01, 0x11, 0x73, 0xf6, 0x3a, 0x00, 0x47, 0x44, 0x52, 0x58, 0x40, 0x93, 0x17, 0xe1,
- 0x11, 0x27, 0x59, 0xd0, 0xef, 0x75, 0x0b, 0x2b, 0x1c, 0x0f, 0x5f, 0x52, 0xc3, 0x29, 0x23, 0xb5,
- 0x2a, 0xe6, 0x12, 0x72, 0x6f, 0x39, 0x86, 0x65, 0x2d, 0xf2, 0xe4, 0xe7, 0xd0, 0xaf, 0x0e, 0xa7,
- 0x99, 0x16, 0x89, 0x97, 0x21, 0xf7, 0xdc, 0x89, 0xdc, 0xde, 0xbb, 0x94, 0x88, 0x1f, 0xda, 0xe2,
- 0xf3, 0xe0, 0x54, 0xf9, 0x0e, 0x29, 0xb1, 0xbd, 0xe1, 0x0c, 0x0b, 0xd7, 0xf6, 0x3a, 0x00, 0x47,
- 0x44, 0x54, 0x58, 0x40, 0xb2, 0x69, 0x05, 0x48, 0x56, 0xb5, 0xfa, 0x55, 0x6f, 0xac, 0x56, 0xd9,
- 0x02, 0x35, 0x2b, 0xaa, 0x4c, 0xba, 0x28, 0xdd, 0x82, 0x3a, 0x86, 0xf5, 0xd4, 0xc2, 0xf1, 0xf9,
- 0x35, 0x7d, 0xe4, 0x43, 0x13, 0xbf, 0xfe, 0xd3, 0x36, 0xd8, 0x1c, 0x12, 0x78, 0x5c, 0x9c, 0x3e,
- 0xf6, 0x66, 0xef, 0xab, 0x3d, 0x0f, 0x89, 0xa4, 0x6f, 0xc9, 0x72, 0xee, 0x73, 0x43, 0x02, 0x8a,
- 0xef, 0xbc, 0x05, 0x98, 0x3a, 0x00, 0x47, 0x44, 0x56, 0x41, 0x01, 0x3a, 0x00, 0x47, 0x44, 0x57,
- 0x58, 0x2d, 0xa5, 0x01, 0x01, 0x03, 0x27, 0x04, 0x81, 0x02, 0x20, 0x06, 0x21, 0x58, 0x20, 0x96,
- 0x6d, 0x96, 0x42, 0xda, 0x64, 0x51, 0xad, 0xfa, 0x00, 0xbc, 0xbc, 0x95, 0x8a, 0xb0, 0xb9, 0x76,
- 0x01, 0xe6, 0xbd, 0xc0, 0x26, 0x79, 0x26, 0xfc, 0x0f, 0x1d, 0x87, 0x65, 0xf1, 0xf3, 0x99, 0x3a,
- 0x00, 0x47, 0x44, 0x58, 0x41, 0x20, 0x58, 0x40, 0x10, 0x7f, 0x77, 0xad, 0x70, 0xbd, 0x52, 0x81,
- 0x28, 0x8d, 0x24, 0x81, 0xb4, 0x3f, 0x21, 0x68, 0x9f, 0xc3, 0x80, 0x68, 0x86, 0x55, 0xfb, 0x2e,
- 0x6d, 0x96, 0xe1, 0xe1, 0xb7, 0x28, 0x8d, 0x63, 0x85, 0xba, 0x2a, 0x01, 0x33, 0x87, 0x60, 0x63,
- 0xbb, 0x16, 0x3f, 0x2f, 0x3d, 0xf4, 0x2d, 0x48, 0x5b, 0x87, 0xed, 0xda, 0x34, 0xeb, 0x9c, 0x4d,
- 0x14, 0xac, 0x65, 0xf4, 0xfa, 0xef, 0x45, 0x0b, 0x84, 0x43, 0xa1, 0x01, 0x27, 0xa0, 0x59, 0x01,
- 0x8f, 0xa9, 0x01, 0x78, 0x28, 0x32, 0x35, 0x39, 0x34, 0x38, 0x39, 0x65, 0x36, 0x39, 0x37, 0x34,
- 0x38, 0x37, 0x30, 0x35, 0x64, 0x65, 0x33, 0x65, 0x32, 0x66, 0x34, 0x34, 0x32, 0x36, 0x37, 0x65,
- 0x61, 0x34, 0x39, 0x33, 0x38, 0x66, 0x66, 0x36, 0x61, 0x35, 0x37, 0x32, 0x35, 0x02, 0x78, 0x28,
- 0x35, 0x64, 0x34, 0x65, 0x64, 0x37, 0x66, 0x34, 0x31, 0x37, 0x61, 0x39, 0x35, 0x34, 0x61, 0x31,
- 0x38, 0x31, 0x34, 0x30, 0x37, 0x62, 0x35, 0x38, 0x38, 0x35, 0x61, 0x66, 0x64, 0x37, 0x32, 0x61,
- 0x35, 0x62, 0x66, 0x34, 0x30, 0x64, 0x61, 0x36, 0x3a, 0x00, 0x47, 0x44, 0x50, 0x58, 0x40, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x3a,
- 0x00, 0x47, 0x44, 0x53, 0x58, 0x1a, 0xa3, 0x3a, 0x00, 0x01, 0x11, 0x71, 0x67, 0x41, 0x6e, 0x64,
- 0x72, 0x6f, 0x69, 0x64, 0x3a, 0x00, 0x01, 0x11, 0x72, 0x0c, 0x3a, 0x00, 0x01, 0x11, 0x73, 0xf6,
- 0x3a, 0x00, 0x47, 0x44, 0x52, 0x58, 0x40, 0x26, 0x1a, 0xbd, 0x26, 0xd8, 0x37, 0x8f, 0x4a, 0xf2,
- 0x9e, 0x49, 0x4d, 0x93, 0x23, 0xc4, 0x6e, 0x02, 0xda, 0xe0, 0x00, 0x02, 0xe7, 0xed, 0x29, 0xdf,
- 0x2b, 0xb3, 0x69, 0xf3, 0x55, 0x0e, 0x4c, 0x22, 0xdc, 0xcf, 0xf5, 0x92, 0xc9, 0xfa, 0x78, 0x98,
- 0xf1, 0x0e, 0x55, 0x5f, 0xf4, 0x45, 0xed, 0xc0, 0x0a, 0x72, 0x2a, 0x7a, 0x3a, 0xd2, 0xb1, 0xf7,
- 0x76, 0xfe, 0x2a, 0x6b, 0x7b, 0x2a, 0x53, 0x3a, 0x00, 0x47, 0x44, 0x54, 0x58, 0x40, 0x04, 0x25,
- 0x5d, 0x60, 0x5f, 0x5c, 0x45, 0x0d, 0xf2, 0x9a, 0x6e, 0x99, 0x30, 0x03, 0xb8, 0xd6, 0xe1, 0x99,
- 0x71, 0x1b, 0xf8, 0x44, 0xfa, 0xb5, 0x31, 0x79, 0x1c, 0x37, 0x68, 0x4e, 0x1d, 0xc0, 0x24, 0x74,
- 0x68, 0xf8, 0x80, 0x20, 0x3e, 0x44, 0xb1, 0x43, 0xd2, 0x9c, 0xfc, 0x12, 0x9e, 0x77, 0x0a, 0xde,
- 0x29, 0x24, 0xff, 0x2e, 0xfa, 0xc7, 0x10, 0xd5, 0x73, 0xd4, 0xc6, 0xdf, 0x62, 0x9f, 0x3a, 0x00,
- 0x47, 0x44, 0x56, 0x41, 0x01, 0x3a, 0x00, 0x47, 0x44, 0x57, 0x58, 0x2d, 0xa5, 0x01, 0x01, 0x03,
- 0x27, 0x04, 0x81, 0x02, 0x20, 0x06, 0x21, 0x58, 0x20, 0xdb, 0xe7, 0x5b, 0x3f, 0xa3, 0x42, 0xb0,
- 0x9c, 0xf8, 0x40, 0x8c, 0xb0, 0x9c, 0xf0, 0x0a, 0xaf, 0xdf, 0x6f, 0xe5, 0x09, 0x21, 0x11, 0x92,
- 0xe1, 0xf8, 0xc5, 0x09, 0x02, 0x3d, 0x1f, 0xb7, 0xc5, 0x3a, 0x00, 0x47, 0x44, 0x58, 0x41, 0x20,
- 0x58, 0x40, 0xc4, 0xc1, 0xd7, 0x1c, 0x2d, 0x26, 0x89, 0x22, 0xcf, 0xa6, 0x99, 0x77, 0x30, 0x84,
- 0x86, 0x27, 0x59, 0x8f, 0xd8, 0x08, 0x75, 0xe0, 0xb2, 0xef, 0xf9, 0xfa, 0xa5, 0x40, 0x8c, 0xd3,
- 0xeb, 0xbb, 0xda, 0xf2, 0xc8, 0xae, 0x41, 0x22, 0x50, 0x9c, 0xe8, 0xb2, 0x9c, 0x9b, 0x3f, 0x8a,
- 0x78, 0x76, 0xab, 0xd0, 0xbe, 0xfc, 0xe4, 0x79, 0xcb, 0x1b, 0x2b, 0xaa, 0x4d, 0xdd, 0x15, 0x61,
- 0x42, 0x06,
-];
-
-#[test]
-fn sample_bcc_and_cdis_are_as_expected() {
- let dice_artifacts = make_sample_bcc_and_cdis().unwrap();
- assert_eq!(dice_artifacts.cdi_attest(), EXPECTED_SAMPLE_CDI_ATTEST);
- assert_eq!(dice_artifacts.cdi_seal(), EXPECTED_SAMPLE_CDI_SEAL);
- assert_eq!(dice_artifacts.bcc(), Some(EXPECTED_SAMPLE_BCC));
-}
diff --git a/identity/Android.bp b/identity/Android.bp
index 007a310..f7a540a 100644
--- a/identity/Android.bp
+++ b/identity/Android.bp
@@ -51,6 +51,7 @@
"liblog",
"libutils",
"libutilscallstack",
+ "libkeystore-attestation-application-id",
],
static_libs: [
"android.hardware.keymaster-V3-cpp",
@@ -60,7 +61,6 @@
"libcppbor_external",
"libcredstore_aidl",
"libkeymaster4support",
- "libkeystore-attestation-application-id",
"librkp_support",
],
}
diff --git a/keystore/Android.bp b/keystore/Android.bp
index 221ead9..c79d00b 100644
--- a/keystore/Android.bp
+++ b/keystore/Android.bp
@@ -69,19 +69,16 @@
defaults: ["keystore_defaults"],
srcs: [
- ":IKeyAttestationApplicationIdProvider.aidl",
"keystore_attestation_id.cpp",
- "KeyAttestationApplicationId.cpp",
- "KeyAttestationPackageInfo.cpp",
- "Signature.cpp",
],
shared_libs: [
+ "android.security.aaid_aidl-cpp",
"libbase",
"libbinder",
+ "libcrypto",
"libhidlbase",
"liblog",
"libutils",
- "libcrypto",
],
export_include_dirs: ["include"],
diff --git a/keystore/KeyAttestationApplicationId.cpp b/keystore/KeyAttestationApplicationId.cpp
deleted file mode 100644
index 1838b07..0000000
--- a/keystore/KeyAttestationApplicationId.cpp
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
-**
-** Copyright 2016, The Android Open Source Project
-**
-** Licensed under the Apache License, Version 2.0 (the "License");
-** you may not use this file except in compliance with the License.
-** You may obtain a copy of the License at
-**
-** http://www.apache.org/licenses/LICENSE-2.0
-**
-** Unless required by applicable law or agreed to in writing, software
-** distributed under the License is distributed on an "AS IS" BASIS,
-** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-** See the License for the specific language governing permissions and
-** limitations under the License.
-*/
-
-#include "include/keystore/KeyAttestationApplicationId.h"
-
-#include <binder/Parcel.h>
-
-namespace android {
-namespace security {
-namespace keymaster {
-
-KeyAttestationApplicationId::KeyAttestationApplicationId() = default;
-
-KeyAttestationApplicationId::KeyAttestationApplicationId(
- std::optional<KeyAttestationPackageInfo> package)
- : packageInfos_(new std::vector<std::optional<KeyAttestationPackageInfo>>()) {
- packageInfos_->push_back(std::move(package));
-}
-
-KeyAttestationApplicationId::KeyAttestationApplicationId(PackageInfoVector packages)
- : packageInfos_(std::make_shared<PackageInfoVector>(std::move(packages))) {}
-
-status_t KeyAttestationApplicationId::writeToParcel(Parcel* parcel) const {
- return parcel->writeParcelableVector(packageInfos_);
-}
-
-status_t KeyAttestationApplicationId::readFromParcel(const Parcel* parcel) {
- std::optional<std::vector<std::optional<KeyAttestationPackageInfo>>> temp_vector;
- auto rc = parcel->readParcelableVector(&temp_vector);
- if (rc != NO_ERROR) return rc;
- packageInfos_.reset();
- if (temp_vector) {
- packageInfos_ = std::make_shared<PackageInfoVector>(std::move(*temp_vector));
- }
- return NO_ERROR;
-}
-
-} // namespace keymaster
-} // namespace security
-} // namespace android
diff --git a/keystore/KeyAttestationPackageInfo.cpp b/keystore/KeyAttestationPackageInfo.cpp
deleted file mode 100644
index 8e9a36a..0000000
--- a/keystore/KeyAttestationPackageInfo.cpp
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
-**
-** Copyright 2016, The Android Open Source Project
-**
-** Licensed under the Apache License, Version 2.0 (the "License");
-** you may not use this file except in compliance with the License.
-** You may obtain a copy of the License at
-**
-** http://www.apache.org/licenses/LICENSE-2.0
-**
-** Unless required by applicable law or agreed to in writing, software
-** distributed under the License is distributed on an "AS IS" BASIS,
-** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-** See the License for the specific language governing permissions and
-** limitations under the License.
-*/
-
-#include "include/keystore/KeyAttestationPackageInfo.h"
-
-#include <binder/Parcel.h>
-
-namespace android {
-namespace security {
-namespace keymaster {
-
-KeyAttestationPackageInfo::KeyAttestationPackageInfo() = default;
-
-KeyAttestationPackageInfo::KeyAttestationPackageInfo(const String16& packageName,
- int64_t versionCode,
- SharedSignaturesVector signatures)
- : packageName_(packageName), versionCode_(versionCode), signatures_(signatures) {}
-
-status_t KeyAttestationPackageInfo::writeToParcel(Parcel* parcel) const {
- auto rc = parcel->writeString16(packageName_);
- if (rc != NO_ERROR) return rc;
- rc = parcel->writeInt64(versionCode_);
- if (rc != NO_ERROR) return rc;
- return parcel->writeParcelableVector(signatures_);
-}
-
-status_t KeyAttestationPackageInfo::readFromParcel(const Parcel* parcel) {
- auto rc = parcel->readString16(&packageName_);
- if (rc != NO_ERROR) return rc;
- rc = parcel->readInt64(&versionCode_);
- if (rc != NO_ERROR) return rc;
-
- std::optional<SignaturesVector> temp_vector;
- rc = parcel->readParcelableVector(&temp_vector);
- if (rc != NO_ERROR) return rc;
- signatures_.reset();
- if (temp_vector) {
- signatures_ = std::make_shared<SignaturesVector>(std::move(*temp_vector));
- }
- return NO_ERROR;
-}
-
-} // namespace keymaster
-} // namespace security
-} // namespace android
diff --git a/keystore/Signature.cpp b/keystore/Signature.cpp
deleted file mode 100644
index 284f358..0000000
--- a/keystore/Signature.cpp
+++ /dev/null
@@ -1,38 +0,0 @@
-/*
-**
-** Copyright 2016, The Android Open Source Project
-**
-** Licensed under the Apache License, Version 2.0 (the "License");
-** you may not use this file except in compliance with the License.
-** You may obtain a copy of the License at
-**
-** http://www.apache.org/licenses/LICENSE-2.0
-**
-** Unless required by applicable law or agreed to in writing, software
-** distributed under the License is distributed on an "AS IS" BASIS,
-** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-** See the License for the specific language governing permissions and
-** limitations under the License.
-*/
-
-#include "include/keystore/Signature.h"
-
-#include <binder/Parcel.h>
-
-namespace android {
-namespace content {
-namespace pm {
-
-status_t Signature::writeToParcel(Parcel* parcel) const {
- return parcel->writeByteVector(sig_data_);
-}
-
-status_t Signature::readFromParcel(const Parcel* parcel) {
- return parcel->readByteVector(&sig_data_);
-}
-
-Signature::Signature(std::vector<uint8_t> signature_data) : sig_data_(std::move(signature_data)) {}
-
-} // namespace pm
-} // namespace content
-} // namespace android
diff --git a/keystore/include/keystore/KeyAttestationApplicationId.h b/keystore/include/keystore/KeyAttestationApplicationId.h
deleted file mode 100644
index 0bf1aad..0000000
--- a/keystore/include/keystore/KeyAttestationApplicationId.h
+++ /dev/null
@@ -1,58 +0,0 @@
-// Copyright 2016 The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#ifndef KEYSTORE_INCLUDE_KEYSTORE_KEYATTESTATIONAPPLICATIONID_H_
-#define KEYSTORE_INCLUDE_KEYSTORE_KEYATTESTATIONAPPLICATIONID_H_
-
-#include <memory>
-#include <optional>
-#include <vector>
-
-#include <binder/Parcelable.h>
-
-#include "KeyAttestationPackageInfo.h"
-
-namespace android {
-namespace security {
-namespace keymaster {
-
-class KeyAttestationApplicationId : public Parcelable {
- public:
- typedef SharedNullableIterator<const KeyAttestationPackageInfo, std::vector>
- ConstKeyAttestationPackageInfoIterator;
- typedef std::vector<std::optional<KeyAttestationPackageInfo>> PackageInfoVector;
- KeyAttestationApplicationId();
- // Following c'tors are for initializing instances containing test data.
- explicit KeyAttestationApplicationId(std::optional<KeyAttestationPackageInfo> package);
- explicit KeyAttestationApplicationId(PackageInfoVector packages);
-
- status_t writeToParcel(Parcel*) const override;
- status_t readFromParcel(const Parcel* parcel) override;
-
- ConstKeyAttestationPackageInfoIterator pinfos_begin() const {
- return ConstKeyAttestationPackageInfoIterator(packageInfos_);
- }
- ConstKeyAttestationPackageInfoIterator pinfos_end() const {
- return ConstKeyAttestationPackageInfoIterator();
- }
-
- private:
- std::shared_ptr<PackageInfoVector> packageInfos_;
-};
-
-} // namespace keymaster
-} // namespace security
-} // namespace android
-
-#endif // KEYSTORE_INCLUDE_KEYSTORE_KEYATTESTATIONAPPLICATIONID_H_
diff --git a/keystore/include/keystore/KeyAttestationPackageInfo.h b/keystore/include/keystore/KeyAttestationPackageInfo.h
deleted file mode 100644
index fa638f9..0000000
--- a/keystore/include/keystore/KeyAttestationPackageInfo.h
+++ /dev/null
@@ -1,63 +0,0 @@
-// Copyright 2016 The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#ifndef KEYSTORE_INCLUDE_KEYSTORE_KEYATTESTATIONPACKAGEINFO_H_
-#define KEYSTORE_INCLUDE_KEYSTORE_KEYATTESTATIONPACKAGEINFO_H_
-
-#include <stdint.h>
-
-#include <memory>
-#include <optional>
-#include <vector>
-
-#include <binder/Parcelable.h>
-
-#include "Signature.h"
-#include "utils.h"
-
-namespace android {
-namespace security {
-namespace keymaster {
-
-class KeyAttestationPackageInfo : public Parcelable {
- public:
- typedef SharedNullableIterator<const content::pm::Signature, std::vector>
- ConstSignatureIterator;
- typedef std::vector<std::optional<content::pm::Signature>> SignaturesVector;
- typedef std::shared_ptr<SignaturesVector> SharedSignaturesVector;
-
- KeyAttestationPackageInfo(const String16& packageName, int64_t versionCode,
- SharedSignaturesVector signatures);
- KeyAttestationPackageInfo();
-
- status_t writeToParcel(Parcel*) const override;
- status_t readFromParcel(const Parcel* parcel) override;
-
- const std::optional<String16>& package_name() const { return packageName_; }
- int64_t version_code() const { return versionCode_; }
-
- ConstSignatureIterator sigs_begin() const { return ConstSignatureIterator(signatures_); }
- ConstSignatureIterator sigs_end() const { return ConstSignatureIterator(); }
-
- private:
- std::optional<String16> packageName_;
- int64_t versionCode_;
- SharedSignaturesVector signatures_;
-};
-
-} // namespace keymaster
-} // namespace security
-} // namespace android
-
-#endif // KEYSTORE_INCLUDE_KEYSTORE_KEYATTESTATIONPACKAGEINFO_H_
diff --git a/keystore/include/keystore/Signature.h b/keystore/include/keystore/Signature.h
deleted file mode 100644
index f39acec..0000000
--- a/keystore/include/keystore/Signature.h
+++ /dev/null
@@ -1,47 +0,0 @@
-// Copyright 2016 The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#ifndef KEYSTORE_INCLUDE_KEYSTORE_SIGNATURE_H_
-#define KEYSTORE_INCLUDE_KEYSTORE_SIGNATURE_H_
-
-#include <vector>
-
-#include <binder/Parcelable.h>
-
-namespace android {
-namespace content {
-namespace pm {
-
-class Signature : public Parcelable {
- public:
- Signature() = default;
- // Intended for initializing instances containing test data.
- explicit Signature(std::vector<uint8_t> signature_data);
-
- status_t writeToParcel(Parcel*) const override;
- status_t readFromParcel(const Parcel* parcel) override;
-
- const std::vector<uint8_t>& data() const & { return sig_data_; }
- std::vector<uint8_t>& data() & { return sig_data_; }
- std::vector<uint8_t>&& data() && { return std::move(sig_data_); }
-
- private:
- std::vector<uint8_t> sig_data_;
-};
-
-} // namespace pm
-} // namespace content
-} // namespace android
-
-#endif // KEYSTORE_INCLUDE_KEYSTORE_SIGNATURE_H_
diff --git a/keystore/include/keystore/keystore_attestation_id.h b/keystore/include/keystore/keystore_attestation_id.h
index 238f4b1..a0d43ad 100644
--- a/keystore/include/keystore/keystore_attestation_id.h
+++ b/keystore/include/keystore/keystore_attestation_id.h
@@ -25,11 +25,11 @@
constexpr size_t KEY_ATTESTATION_APPLICATION_ID_MAX_SIZE = 1024;
-namespace keymaster {
+namespace keystore {
class KeyAttestationApplicationId;
-} // namespace keymaster
+} // namespace keystore
template <typename T> class StatusOr {
public:
@@ -77,7 +77,7 @@
*/
StatusOr<std::vector<uint8_t>> build_attestation_application_id(
- const ::android::security::keymaster::KeyAttestationApplicationId& key_attestation_id);
+ const ::android::security::keystore::KeyAttestationApplicationId& key_attestation_id);
} // namespace security
} // namespace android
diff --git a/keystore/keystore_attestation_id.cpp b/keystore/keystore_attestation_id.cpp
index 8eade97..1534be1 100644
--- a/keystore/keystore_attestation_id.cpp
+++ b/keystore/keystore_attestation_id.cpp
@@ -29,11 +29,11 @@
#include <binder/Parcelable.h>
#include <binder/PersistableBundle.h>
-#include <android/security/keymaster/BpKeyAttestationApplicationIdProvider.h>
-#include <android/security/keymaster/IKeyAttestationApplicationIdProvider.h>
-#include <keystore/KeyAttestationApplicationId.h>
-#include <keystore/KeyAttestationPackageInfo.h>
-#include <keystore/Signature.h>
+#include <android/security/keystore/BpKeyAttestationApplicationIdProvider.h>
+#include <android/security/keystore/IKeyAttestationApplicationIdProvider.h>
+#include <android/security/keystore/KeyAttestationApplicationId.h>
+#include <android/security/keystore/KeyAttestationPackageInfo.h>
+#include <android/security/keystore/Signature.h>
#include <private/android_filesystem_config.h> /* for AID_SYSTEM */
@@ -50,13 +50,13 @@
constexpr const char* kAttestationSystemPackageName = "AndroidSystem";
constexpr const char* kUnknownPackageName = "UnknownPackage";
-std::vector<uint8_t> signature2SHA256(const content::pm::Signature& sig) {
+std::vector<uint8_t> signature2SHA256(const security::keystore::Signature& sig) {
std::vector<uint8_t> digest_buffer(SHA256_DIGEST_LENGTH);
- SHA256(sig.data().data(), sig.data().size(), digest_buffer.data());
+ SHA256(sig.data.data(), sig.data.size(), digest_buffer.data());
return digest_buffer;
}
-using ::android::security::keymaster::BpKeyAttestationApplicationIdProvider;
+using ::android::security::keystore::BpKeyAttestationApplicationIdProvider;
class KeyAttestationApplicationIdProvider : public BpKeyAttestationApplicationIdProvider {
public:
@@ -141,8 +141,8 @@
namespace security {
namespace {
-using ::android::security::keymaster::KeyAttestationApplicationId;
-using ::android::security::keymaster::KeyAttestationPackageInfo;
+using ::android::security::keystore::KeyAttestationApplicationId;
+using ::android::security::keystore::KeyAttestationPackageInfo;
status_t build_attestation_package_info(const KeyAttestationPackageInfo& pinfo,
std::unique_ptr<KM_ATTESTATION_PACKAGE_INFO>* attestation_package_info_ptr) {
@@ -153,12 +153,12 @@
attestation_package_info.reset(KM_ATTESTATION_PACKAGE_INFO_new());
if (!attestation_package_info.get()) return NO_MEMORY;
- if (!pinfo.package_name()) {
+ if (!pinfo.packageName) {
ALOGE("Key attestation package info lacks package name");
return BAD_VALUE;
}
- std::string pkg_name(String8(*pinfo.package_name()).c_str());
+ std::string pkg_name(String8(pinfo.packageName).c_str());
if (!ASN1_OCTET_STRING_set(attestation_package_info->package_name,
reinterpret_cast<const unsigned char*>(pkg_name.data()),
pkg_name.size())) {
@@ -169,7 +169,7 @@
if (bn_version == nullptr) {
return NO_MEMORY;
}
- if (BN_set_u64(bn_version, static_cast<uint64_t>(pinfo.version_code())) != 1) {
+ if (BN_set_u64(bn_version, static_cast<uint64_t>(pinfo.versionCode)) != 1) {
BN_free(bn_version);
return UNKNOWN_ERROR;
}
@@ -201,15 +201,16 @@
auto attestation_pinfo_stack = reinterpret_cast<_STACK*>(attestation_id->package_infos);
- if (key_attestation_id.pinfos_begin() == key_attestation_id.pinfos_end()) return BAD_VALUE;
+ if (key_attestation_id.packageInfos.begin() == key_attestation_id.packageInfos.end())
+ return BAD_VALUE;
- for (auto pinfo = key_attestation_id.pinfos_begin(); pinfo != key_attestation_id.pinfos_end();
- ++pinfo) {
- if (!pinfo->package_name()) {
+ for (auto pinfo = key_attestation_id.packageInfos.begin();
+ pinfo != key_attestation_id.packageInfos.end(); ++pinfo) {
+ if (!pinfo->packageName) {
ALOGE("Key attestation package info lacks package name");
return BAD_VALUE;
}
- std::string package_name(String8(*pinfo->package_name()).c_str());
+ std::string package_name(String8(pinfo->packageName).c_str());
std::unique_ptr<KM_ATTESTATION_PACKAGE_INFO> attestation_package_info;
auto rc = build_attestation_package_info(*pinfo, &attestation_package_info);
if (rc != NO_ERROR) {
@@ -231,10 +232,10 @@
* signature field actually holds the signing certificate, rather than a signature, we can
* simply use the set of signature digests of the first package info.
*/
- const auto& pinfo = *key_attestation_id.pinfos_begin();
+ const auto& pinfo = *key_attestation_id.packageInfos.begin();
std::vector<std::vector<uint8_t>> signature_digests;
- for (auto sig = pinfo.sigs_begin(); sig != pinfo.sigs_end(); ++sig) {
+ for (auto sig = pinfo.signatures.begin(); sig != pinfo.signatures.end(); ++sig) {
signature_digests.push_back(signature2SHA256(*sig));
}
@@ -271,10 +272,10 @@
if (uid == AID_SYSTEM) {
/* Use a fixed ID for system callers */
- auto pinfo = std::make_optional<KeyAttestationPackageInfo>(
- String16(kAttestationSystemPackageName), 1 /* version code */,
- std::make_shared<KeyAttestationPackageInfo::SignaturesVector>());
- key_attestation_id = KeyAttestationApplicationId(std::move(pinfo));
+ auto pinfo = KeyAttestationPackageInfo();
+ pinfo.packageName = String16(kAttestationSystemPackageName);
+ pinfo.versionCode = 1;
+ key_attestation_id.packageInfos.push_back(std::move(pinfo));
} else {
/* Get the attestation application ID from package manager */
auto& pm = KeyAttestationApplicationIdProvider::get();
@@ -284,10 +285,11 @@
if (!status.isOk()) {
ALOGW("package manager request for key attestation ID failed with: %s %d",
status.exceptionMessage().c_str(), status.exceptionCode());
- auto pinfo = std::make_optional<KeyAttestationPackageInfo>(
- String16(kUnknownPackageName), 1 /* version code */,
- std::make_shared<KeyAttestationPackageInfo::SignaturesVector>());
- key_attestation_id = KeyAttestationApplicationId(std::move(pinfo));
+
+ auto pinfo = KeyAttestationPackageInfo();
+ pinfo.packageName = String16(kUnknownPackageName);
+ pinfo.versionCode = 1;
+ key_attestation_id.packageInfos.push_back(std::move(pinfo));
}
}
diff --git a/keystore/tests/Android.bp b/keystore/tests/Android.bp
index f51cc2f..e641f44 100644
--- a/keystore/tests/Android.bp
+++ b/keystore/tests/Android.bp
@@ -35,6 +35,7 @@
"libutils",
],
shared_libs: [
+ "android.security.aaid_aidl-cpp",
"libbinder",
"libkeymaster_messages",
"libkeystore-attestation-application-id",
diff --git a/keystore/tests/aaid_truncation_test.cpp b/keystore/tests/aaid_truncation_test.cpp
index fa4d769..3a94ec1 100644
--- a/keystore/tests/aaid_truncation_test.cpp
+++ b/keystore/tests/aaid_truncation_test.cpp
@@ -22,14 +22,14 @@
#include <keymaster/logger.h>
#include <keystore/keystore_attestation_id.h>
-#include <keystore/KeyAttestationApplicationId.h>
-#include <keystore/KeyAttestationPackageInfo.h>
-#include <keystore/Signature.h>
+#include <android/security/keystore/KeyAttestationApplicationId.h>
+#include <android/security/keystore/KeyAttestationPackageInfo.h>
+#include <android/security/keystore/Signature.h>
using ::android::String16;
using ::android::security::KEY_ATTESTATION_APPLICATION_ID_MAX_SIZE;
-using ::android::security::keymaster::KeyAttestationApplicationId;
-using ::android::security::keymaster::KeyAttestationPackageInfo;
+using ::android::security::keystore::KeyAttestationApplicationId;
+using ::android::security::keystore::KeyAttestationPackageInfo;
using std::vector;
namespace keystore {
@@ -72,24 +72,27 @@
} // namespace
-using ::android::content::pm::Signature;
using ::android::security::build_attestation_application_id;
+using ::android::security::keystore::Signature;
-std::optional<KeyAttestationPackageInfo>
-make_package_info_with_signatures(const char* package_name,
- KeyAttestationPackageInfo::SignaturesVector signatures) {
- return std::make_optional<KeyAttestationPackageInfo>(
- String16(package_name), 1 /* version code */,
- std::make_shared<KeyAttestationPackageInfo::SignaturesVector>(std::move(signatures)));
+KeyAttestationPackageInfo make_package_info_with_signatures(const char* package_name,
+ std::vector<Signature> signatures) {
+ auto pInfo = KeyAttestationPackageInfo();
+ pInfo.packageName = String16(package_name);
+ pInfo.versionCode = 1;
+ std::move(signatures.begin(), signatures.end(), std::back_inserter(pInfo.signatures));
+
+ return pInfo;
}
-std::optional<KeyAttestationPackageInfo> make_package_info(const char* package_name) {
- return make_package_info_with_signatures(package_name,
- KeyAttestationPackageInfo::SignaturesVector());
+KeyAttestationPackageInfo make_package_info(const char* package_name) {
+ return make_package_info_with_signatures(package_name, std::vector<Signature>());
}
TEST(AaidTruncationTest, shortPackageInfoTest) {
- KeyAttestationApplicationId app_id(make_package_info(kDummyPackageName));
+ KeyAttestationApplicationId app_id;
+ auto pInfo = make_package_info(kDummyPackageName);
+ app_id.packageInfos.push_back(std::move(pInfo));
auto result = build_attestation_application_id(app_id);
ASSERT_TRUE(result.isOk());
@@ -98,7 +101,9 @@
}
TEST(AaidTruncationTest, tooLongPackageNameTest) {
- KeyAttestationApplicationId app_id(make_package_info(kLongPackageName));
+ KeyAttestationApplicationId app_id;
+ auto pInfo = make_package_info(kLongPackageName);
+ app_id.packageInfos.push_back(std::move(pInfo));
auto result = build_attestation_application_id(app_id);
ASSERT_TRUE(result.isOk());
@@ -108,14 +113,17 @@
TEST(AaidTruncationTest, tooManySignaturesTest) {
std::vector<uint8_t> dummy_sig_data(kDummySignature, kDummySignature + 32);
- KeyAttestationPackageInfo::SignaturesVector signatures;
+ std::vector<Signature> signatures;
// Add 35 signatures which will surely exceed the 1K limit.
for (size_t i = 0; i < kTooManySignatures; ++i) {
- signatures.push_back(std::make_optional<Signature>(dummy_sig_data));
+ auto sign = Signature();
+ sign.data = dummy_sig_data;
+ signatures.push_back(std::move(sign));
}
- KeyAttestationApplicationId app_id(
- make_package_info_with_signatures(kDummyPackageName, std::move(signatures)));
+ auto pInfo = make_package_info_with_signatures(kDummyPackageName, std::move(signatures));
+ KeyAttestationApplicationId app_id;
+ app_id.packageInfos.push_back(std::move(pInfo));
auto result = build_attestation_application_id(app_id);
ASSERT_TRUE(result.isOk());
@@ -125,19 +133,22 @@
TEST(AaidTruncationTest, combinedPackagesAndSignaturesTest) {
std::vector<uint8_t> dummy_sig_data(kDummySignature, kDummySignature + 32);
- KeyAttestationApplicationId::PackageInfoVector packages;
+ ::std::vector<KeyAttestationPackageInfo> packages;
for (size_t i = 0; i < kTooManyPackages; ++i) {
- KeyAttestationPackageInfo::SignaturesVector signatures;
+ std::vector<Signature> signatures;
// Add a few signatures for each package
for (int j = 0; j < 3; ++j) {
- signatures.push_back(std::make_optional<Signature>(dummy_sig_data));
+ auto sign = Signature();
+ sign.data = dummy_sig_data;
+ signatures.push_back(std::move(sign));
}
- packages.push_back(
- make_package_info_with_signatures(kReasonablePackageName, std::move(signatures)));
+ packages.push_back(std::move(
+ make_package_info_with_signatures(kReasonablePackageName, std::move(signatures))));
}
+ KeyAttestationApplicationId app_id;
+ std::move(packages.begin(), packages.end(), std::back_inserter(app_id.packageInfos));
- KeyAttestationApplicationId app_id(std::move(packages));
auto result = build_attestation_application_id(app_id);
ASSERT_TRUE(result.isOk());
std::vector<uint8_t>& encoded_app_id = result;
diff --git a/keystore/tests/fuzzer/Android.bp b/keystore/tests/fuzzer/Android.bp
index 4116ae1..5df5c7a 100644
--- a/keystore/tests/fuzzer/Android.bp
+++ b/keystore/tests/fuzzer/Android.bp
@@ -55,6 +55,7 @@
"libhidlbase",
],
shared_libs: [
+ "android.security.aaid_aidl-cpp",
"libbinder",
"libcrypto",
"libutils",
diff --git a/keystore/tests/fuzzer/keystoreApplicationId_fuzzer.cpp b/keystore/tests/fuzzer/keystoreApplicationId_fuzzer.cpp
index 0eddb9a..9388001 100644
--- a/keystore/tests/fuzzer/keystoreApplicationId_fuzzer.cpp
+++ b/keystore/tests/fuzzer/keystoreApplicationId_fuzzer.cpp
@@ -15,9 +15,9 @@
*/
#include "keystoreCommon.h"
-#include <keystore/KeyAttestationApplicationId.h>
+#include <android/security/keystore/KeyAttestationApplicationId.h>
-using ::security::keymaster::KeyAttestationApplicationId;
+using ::android::security::keystore::KeyAttestationApplicationId;
constexpr size_t kPackageVectorSizeMin = 1;
constexpr size_t kPackageVectorSizeMax = 10;
@@ -33,26 +33,37 @@
};
void KeystoreApplicationId::invokeApplicationId() {
- std::optional<KeyAttestationApplicationId> applicationId;
+ KeyAttestationApplicationId applicationId;
bool shouldUsePackageInfoVector = mFdp->ConsumeBool();
if (shouldUsePackageInfoVector) {
- KeyAttestationApplicationId::PackageInfoVector packageInfoVector;
+ ::std::vector<KeyAttestationPackageInfo> packageInfoVector;
int32_t packageVectorSize =
mFdp->ConsumeIntegralInRange<int32_t>(kPackageVectorSizeMin, kPackageVectorSizeMax);
for (int32_t packageSize = 0; packageSize < packageVectorSize; ++packageSize) {
auto packageInfoData = initPackageInfoData(mFdp.get());
- packageInfoVector.push_back(make_optional<KeyAttestationPackageInfo>(
- String16((packageInfoData.packageName).c_str()), packageInfoData.versionCode,
- packageInfoData.sharedSignaturesVector));
+ auto pInfo = KeyAttestationPackageInfo();
+ pInfo.packageName = String16((packageInfoData.packageName).c_str());
+ pInfo.versionCode = packageInfoData.versionCode;
+ std::move(packageInfoData.sharedSignaturesVector->begin(),
+ packageInfoData.sharedSignaturesVector->end(),
+ std::back_inserter(pInfo.signatures));
+
+ packageInfoVector.push_back(std::move(pInfo));
}
- applicationId = KeyAttestationApplicationId(std::move(packageInfoVector));
+
+ std::move(packageInfoVector.begin(), packageInfoVector.end(),
+ std::back_inserter(applicationId.packageInfos));
} else {
auto packageInfoData = initPackageInfoData(mFdp.get());
- applicationId = KeyAttestationApplicationId(make_optional<KeyAttestationPackageInfo>(
- String16((packageInfoData.packageName).c_str()), packageInfoData.versionCode,
- packageInfoData.sharedSignaturesVector));
+ auto pInfo = KeyAttestationPackageInfo();
+ pInfo.packageName = String16((packageInfoData.packageName).c_str());
+ pInfo.versionCode = packageInfoData.versionCode;
+ std::move(packageInfoData.sharedSignaturesVector->begin(),
+ packageInfoData.sharedSignaturesVector->end(),
+ std::back_inserter(pInfo.signatures));
+ applicationId.packageInfos.push_back(std::move(pInfo));
}
- invokeReadWriteParcel(&applicationId.value());
+ invokeReadWriteParcel(&applicationId);
}
void KeystoreApplicationId::process(const uint8_t* data, size_t size) {
diff --git a/keystore/tests/fuzzer/keystoreCommon.h b/keystore/tests/fuzzer/keystoreCommon.h
index e1265bf..77d39e0 100644
--- a/keystore/tests/fuzzer/keystoreCommon.h
+++ b/keystore/tests/fuzzer/keystoreCommon.h
@@ -16,18 +16,18 @@
#ifndef KEYSTORECOMMON_H
#define KEYSTORECOMMON_H
+#include <android/security/keystore/KeyAttestationPackageInfo.h>
+#include <android/security/keystore/Signature.h>
#include <binder/Parcel.h>
#include <binder/Parcelable.h>
-#include <keystore/KeyAttestationPackageInfo.h>
-#include <keystore/Signature.h>
#include <vector>
#include "fuzzer/FuzzedDataProvider.h"
using namespace android;
using namespace std;
-using ::content::pm::Signature;
-using ::security::keymaster::KeyAttestationPackageInfo;
+using ::android::security::keystore::KeyAttestationPackageInfo;
+using ::android::security::keystore::Signature;
constexpr size_t kSignatureSizeMin = 1;
constexpr size_t kSignatureSizeMax = 1000;
@@ -38,7 +38,7 @@
struct PackageInfoData {
string packageName;
int64_t versionCode;
- KeyAttestationPackageInfo::SharedSignaturesVector sharedSignaturesVector;
+ std::shared_ptr<std::vector<Signature>> sharedSignaturesVector;
};
inline void invokeReadWriteParcel(Parcelable* obj) {
@@ -60,18 +60,20 @@
packageInfoData.versionCode = fdp->ConsumeIntegral<int64_t>();
size_t signatureVectorSize =
fdp->ConsumeIntegralInRange(kSignatureVectorSizeMin, kSignatureVectorSizeMax);
- KeyAttestationPackageInfo::SignaturesVector signatureVector;
+ std::vector<Signature> signatureVector;
for (size_t size = 0; size < signatureVectorSize; ++size) {
bool shouldUseParameterizedConstructor = fdp->ConsumeBool();
if (shouldUseParameterizedConstructor) {
vector<uint8_t> signatureData = initSignatureData(fdp);
- signatureVector.push_back(make_optional<Signature>(signatureData));
+ auto sign = Signature();
+ sign.data = signatureData;
+ signatureVector.push_back(std::move(sign));
} else {
- signatureVector.push_back(std::nullopt);
+ signatureVector.push_back(Signature());
}
}
packageInfoData.sharedSignaturesVector =
- make_shared<KeyAttestationPackageInfo::SignaturesVector>(std::move(signatureVector));
+ make_shared<std::vector<Signature>>(std::move(signatureVector));
return packageInfoData;
}
#endif // KEYSTORECOMMON_H
diff --git a/keystore/tests/fuzzer/keystorePackageInfo_fuzzer.cpp b/keystore/tests/fuzzer/keystorePackageInfo_fuzzer.cpp
index 63899ff..f1e4204 100644
--- a/keystore/tests/fuzzer/keystorePackageInfo_fuzzer.cpp
+++ b/keystore/tests/fuzzer/keystorePackageInfo_fuzzer.cpp
@@ -28,9 +28,12 @@
void KeystorePackageInfoFuzzer::invokePackageInfo() {
auto packageInfoData = initPackageInfoData(mFdp.get());
- KeyAttestationPackageInfo packageInfo(String16((packageInfoData.packageName).c_str()),
- packageInfoData.versionCode,
- packageInfoData.sharedSignaturesVector);
+ auto packageInfo = KeyAttestationPackageInfo();
+ packageInfo.packageName = String16((packageInfoData.packageName).c_str());
+ packageInfo.versionCode = packageInfoData.versionCode;
+ std::move(packageInfoData.sharedSignaturesVector->begin(),
+ packageInfoData.sharedSignaturesVector->end(),
+ std::back_inserter(packageInfo.signatures));
invokeReadWriteParcel(&packageInfo);
}
diff --git a/keystore/tests/fuzzer/keystoreSignature_fuzzer.cpp b/keystore/tests/fuzzer/keystoreSignature_fuzzer.cpp
index b8f8a73..aab1f25 100644
--- a/keystore/tests/fuzzer/keystoreSignature_fuzzer.cpp
+++ b/keystore/tests/fuzzer/keystoreSignature_fuzzer.cpp
@@ -14,7 +14,9 @@
* limitations under the License.
*/
#include "keystoreCommon.h"
-#include <keystore/Signature.h>
+#include <android/security/keystore/Signature.h>
+
+using ::android::security::keystore::Signature;
class KeystoreSignatureFuzzer {
public:
@@ -27,15 +29,15 @@
};
void KeystoreSignatureFuzzer::invokeSignature() {
- std::optional<Signature> signature;
+ Signature signature;
bool shouldUseParameterizedConstructor = mFdp->ConsumeBool();
if (shouldUseParameterizedConstructor) {
std::vector<uint8_t> signatureData = initSignatureData(mFdp.get());
- signature = Signature(signatureData);
+ signature.data = signatureData;
} else {
signature = Signature();
}
- invokeReadWriteParcel(&signature.value());
+ invokeReadWriteParcel(&signature);
}
void KeystoreSignatureFuzzer::process(const uint8_t* data, size_t size) {
diff --git a/keystore2/src/km_compat.rs b/keystore2/src/km_compat.rs
index 035edd9..8eba02d 100644
--- a/keystore2/src/km_compat.rs
+++ b/keystore2/src/km_compat.rs
@@ -32,6 +32,11 @@
use anyhow::Context;
use keystore2_crypto::{hmac_sha256, HMAC_SHA256_LEN};
+/// Magic prefix used by the km_compat C++ code to mark a key that is owned by an
+/// underlying Keymaster hardware device that has been wrapped by km_compat. (The
+/// final zero byte indicates that the blob is not software emulated.)
+pub const KEYMASTER_BLOB_HW_PREFIX: &[u8] = b"pKMblob\x00";
+
/// Key data associated with key generation/import.
#[derive(Debug, PartialEq, Eq)]
pub enum KeyImportData<'a> {
diff --git a/keystore2/src/legacy_importer.rs b/keystore2/src/legacy_importer.rs
index 325c213..159e936 100644
--- a/keystore2/src/legacy_importer.rs
+++ b/keystore2/src/legacy_importer.rs
@@ -914,11 +914,12 @@
uuid: &Uuid,
blob: &[u8],
) -> Result<(Vec<KeyParameter>, Option<Vec<u8>>)> {
- let (km_dev, _) = crate::globals::get_keymint_dev_by_uuid(uuid)
+ let (km_dev, info) = crate::globals::get_keymint_dev_by_uuid(uuid)
.with_context(|| ks_err!("Trying to get km device for id {:?}", uuid))?;
let (characteristics, upgraded_blob) = upgrade_keyblob_if_required_with(
&*km_dev,
+ info.versionNumber,
blob,
&[],
|blob| {
diff --git a/keystore2/src/raw_device.rs b/keystore2/src/raw_device.rs
index fa9872a..44d805c 100644
--- a/keystore2/src/raw_device.rs
+++ b/keystore2/src/raw_device.rs
@@ -263,35 +263,31 @@
where
F: Fn(&[u8]) -> Result<T, Error>,
{
- match f(&key_blob) {
- Err(Error::Km(ErrorCode::KEY_REQUIRES_UPGRADE)) => {
- let upgraded_blob = map_km_error({
- let _wp = wd::watch_millis(
- "In KeyMintDevice::upgrade_keyblob_if_required_with: calling upgradeKey.",
- 500,
- );
- self.km_dev.upgradeKey(&key_blob, &[])
- })
- .context(ks_err!("Upgrade failed"))?;
-
+ let (f_result, upgraded_blob) = crate::utils::upgrade_keyblob_if_required_with(
+ &*self.km_dev,
+ self.version(),
+ &key_blob,
+ &[],
+ f,
+ |upgraded_blob| {
let mut new_blob_metadata = BlobMetaData::new();
new_blob_metadata.add(BlobMetaEntry::KmUuid(self.km_uuid));
db.set_blob(
key_id_guard,
SubComponentType::KEY_BLOB,
- Some(&upgraded_blob),
+ Some(upgraded_blob),
Some(&new_blob_metadata),
)
.context(ks_err!("Failed to insert upgraded blob into the database"))?;
-
- Ok((
- f(&upgraded_blob).context(ks_err!("Closure failed after upgrade"))?,
- KeyBlob::NonSensitive(upgraded_blob),
- ))
- }
- result => Ok((result.context(ks_err!("Closure failed"))?, key_blob)),
- }
+ Ok(())
+ },
+ )?;
+ let returned_blob = match upgraded_blob {
+ None => key_blob,
+ Some(upgraded_blob) => KeyBlob::NonSensitive(upgraded_blob),
+ };
+ Ok((f_result, returned_blob))
}
/// Use the created key in an operation that can be done with
diff --git a/keystore2/src/rkpd_client.rs b/keystore2/src/rkpd_client.rs
index 938d389..7b4131d 100644
--- a/keystore2/src/rkpd_client.rs
+++ b/keystore2/src/rkpd_client.rs
@@ -666,7 +666,7 @@
fn test_rkpd_attestation_key_upgrade() {
binder::ProcessState::start_thread_pool();
let security_level = SecurityLevel::TRUSTED_ENVIRONMENT;
- let (keymint, _, _) = get_keymint_device(&security_level).unwrap();
+ let (keymint, info, _) = get_keymint_device(&security_level).unwrap();
let key_id = get_next_key_id();
let mut key_upgraded = false;
@@ -676,6 +676,7 @@
upgrade_keyblob_if_required_with(
&*keymint,
+ info.versionNumber,
&key.keyBlob,
/*upgrade_params=*/ &[],
/*km_op=*/
diff --git a/keystore2/src/security_level.rs b/keystore2/src/security_level.rs
index db44d4b..44ca4c8 100644
--- a/keystore2/src/security_level.rs
+++ b/keystore2/src/security_level.rs
@@ -317,7 +317,6 @@
let (begin_result, upgraded_blob) = self
.upgrade_keyblob_if_required_with(
- &*self.keymint,
key_id_guard,
&km_blob,
blob_metadata.km_uuid().copied(),
@@ -561,7 +560,6 @@
issuer_subject,
}) => self
.upgrade_keyblob_if_required_with(
- &*self.keymint,
Some(key_id_guard),
&KeyBlob::Ref(&blob),
blob_metadata.km_uuid().copied(),
@@ -786,7 +784,6 @@
let (creation_result, _) = self
.upgrade_keyblob_if_required_with(
- &*self.keymint,
Some(wrapping_key_id_guard),
&wrapping_key_blob,
wrapping_blob_metadata.km_uuid().copied(),
@@ -842,7 +839,6 @@
fn upgrade_keyblob_if_required_with<T, F>(
&self,
- km_dev: &dyn IKeyMintDevice,
mut key_id_guard: Option<KeyIdGuard>,
key_blob: &KeyBlob,
km_uuid: Option<Uuid>,
@@ -853,7 +849,8 @@
F: Fn(&[u8]) -> Result<T, Error>,
{
let (v, upgraded_blob) = crate::utils::upgrade_keyblob_if_required_with(
- km_dev,
+ &*self.keymint,
+ self.hw_info.versionNumber,
key_blob,
params,
f,
@@ -893,6 +890,7 @@
{
crate::utils::upgrade_keyblob_if_required_with(
&*self.keymint,
+ self.hw_info.versionNumber,
key_blob,
params,
f,
diff --git a/keystore2/src/utils.rs b/keystore2/src/utils.rs
index 584a51c..80aa7c3 100644
--- a/keystore2/src/utils.rs
+++ b/keystore2/src/utils.rs
@@ -23,6 +23,8 @@
use crate::{
database::{KeyType, KeystoreDB},
globals::LEGACY_IMPORTER,
+ km_compat,
+ raw_device::KeyMintDevice,
};
use android_hardware_security_keymint::aidl::android::hardware::security::keymint::{
IKeyMintDevice::IKeyMintDevice, KeyCharacteristics::KeyCharacteristics,
@@ -163,13 +165,9 @@
.collect()
}
-/// This function can be used to upgrade key blobs on demand. The return value of
-/// `km_op` is inspected and if ErrorCode::KEY_REQUIRES_UPGRADE is encountered,
-/// an attempt is made to upgrade the key blob. On success `new_blob_handler` is called
-/// with the upgraded blob as argument. Then `km_op` is called a second time with the
-/// upgraded blob as argument. On success a tuple of the `km_op`s result and the
-/// optional upgraded blob is returned.
-pub fn upgrade_keyblob_if_required_with<T, KmOp, NewBlobHandler>(
+/// Upgrade a keyblob then invoke both the `new_blob_handler` and the `km_op` closures. On success
+/// a tuple of the `km_op`s result and the optional upgraded blob is returned.
+fn upgrade_keyblob_and_perform_op<T, KmOp, NewBlobHandler>(
km_dev: &dyn IKeyMintDevice,
key_blob: &[u8],
upgrade_params: &[KmKeyParameter],
@@ -180,22 +178,75 @@
KmOp: Fn(&[u8]) -> Result<T, Error>,
NewBlobHandler: FnOnce(&[u8]) -> Result<()>,
{
+ let upgraded_blob = {
+ let _wp = watchdog::watch_millis(
+ "In utils::upgrade_keyblob_and_perform_op: calling upgradeKey.",
+ 500,
+ );
+ map_km_error(km_dev.upgradeKey(key_blob, upgrade_params))
+ }
+ .context(ks_err!("Upgrade failed."))?;
+
+ new_blob_handler(&upgraded_blob).context(ks_err!("calling new_blob_handler."))?;
+
+ km_op(&upgraded_blob)
+ .map(|v| (v, Some(upgraded_blob)))
+ .context(ks_err!("Calling km_op after upgrade."))
+}
+
+/// This function can be used to upgrade key blobs on demand. The return value of
+/// `km_op` is inspected and if ErrorCode::KEY_REQUIRES_UPGRADE is encountered,
+/// an attempt is made to upgrade the key blob. On success `new_blob_handler` is called
+/// with the upgraded blob as argument. Then `km_op` is called a second time with the
+/// upgraded blob as argument. On success a tuple of the `km_op`s result and the
+/// optional upgraded blob is returned.
+pub fn upgrade_keyblob_if_required_with<T, KmOp, NewBlobHandler>(
+ km_dev: &dyn IKeyMintDevice,
+ km_dev_version: i32,
+ key_blob: &[u8],
+ upgrade_params: &[KmKeyParameter],
+ km_op: KmOp,
+ new_blob_handler: NewBlobHandler,
+) -> Result<(T, Option<Vec<u8>>)>
+where
+ KmOp: Fn(&[u8]) -> Result<T, Error>,
+ NewBlobHandler: FnOnce(&[u8]) -> Result<()>,
+{
match km_op(key_blob) {
- Err(Error::Km(ErrorCode::KEY_REQUIRES_UPGRADE)) => {
- let upgraded_blob = {
- let _wp = watchdog::watch_millis(
- "In utils::upgrade_keyblob_if_required_with: calling upgradeKey.",
- 500,
- );
- map_km_error(km_dev.upgradeKey(key_blob, upgrade_params))
- }
- .context(ks_err!("Upgrade failed."))?;
-
- new_blob_handler(&upgraded_blob).context(ks_err!("calling new_blob_handler."))?;
-
- km_op(&upgraded_blob)
- .map(|v| (v, Some(upgraded_blob)))
- .context(ks_err!("Calling km_op after upgrade."))
+ Err(Error::Km(ErrorCode::KEY_REQUIRES_UPGRADE)) => upgrade_keyblob_and_perform_op(
+ km_dev,
+ key_blob,
+ upgrade_params,
+ km_op,
+ new_blob_handler,
+ ),
+ // Some devices have been known to upgrade their Keymaster device to be a KeyMint
+ // device with a new release of Android. If this is the case, then any pre-upgrade
+ // keyblobs will have the km_compat prefix attached to them.
+ //
+ // This prefix gets stripped by the km_compat layer when used pre-upgrade, but after
+ // the upgrade the keyblob will be passed as-is to the KeyMint device, which probably
+ // won't expect to see the km_compat prefix.
+ //
+ // So if a keyblob:
+ // a) gets rejected with INVALID_KEY_BLOB
+ // b) when sent to a KeyMint (not km_compat) device
+ // c) and has the km_compat magic prefix
+ // d) and was not a software-emulated key pre-upgrade
+ // then strip the prefix and attempt a key upgrade.
+ Err(Error::Km(ErrorCode::INVALID_KEY_BLOB))
+ if km_dev_version >= KeyMintDevice::KEY_MINT_V1
+ && key_blob.starts_with(km_compat::KEYMASTER_BLOB_HW_PREFIX) =>
+ {
+ log::info!("found apparent km_compat(Keymaster) blob, attempt strip-and-upgrade");
+ let inner_keyblob = &key_blob[km_compat::KEYMASTER_BLOB_HW_PREFIX.len()..];
+ upgrade_keyblob_and_perform_op(
+ km_dev,
+ inner_keyblob,
+ upgrade_params,
+ km_op,
+ new_blob_handler,
+ )
}
r => r.map(|v| (v, None)).context(ks_err!("Calling km_op.")),
}
diff --git a/keystore2/test_utils/Android.bp b/keystore2/test_utils/Android.bp
index 9f3a4e9..a3c40cb 100644
--- a/keystore2/test_utils/Android.bp
+++ b/keystore2/test_utils/Android.bp
@@ -35,6 +35,7 @@
"liblog_rust",
"libnix",
"librand",
+ "librustutils",
"libserde",
"libserde_cbor",
"libthiserror",
@@ -82,7 +83,6 @@
shared_libs: [
"libbase",
"libcrypto",
- "libcppbor_external",
"libkeymaster_portable",
"libkeystore-engine",
"libkeymint_support",
diff --git a/keystore2/test_utils/authorizations.rs b/keystore2/test_utils/authorizations.rs
index 514cbd3..b73aab5 100644
--- a/keystore2/test_utils/authorizations.rs
+++ b/keystore2/test_utils/authorizations.rs
@@ -242,6 +242,69 @@
});
self
}
+
+ /// Set active date-time.
+ pub fn active_date_time(mut self, date: i64) -> Self {
+ self.0.push(KeyParameter {
+ tag: Tag::ACTIVE_DATETIME,
+ value: KeyParameterValue::DateTime(date),
+ });
+ self
+ }
+
+ /// Set origination expire date-time.
+ pub fn origination_expire_date_time(mut self, date: i64) -> Self {
+ self.0.push(KeyParameter {
+ tag: Tag::ORIGINATION_EXPIRE_DATETIME,
+ value: KeyParameterValue::DateTime(date),
+ });
+ self
+ }
+
+ /// Set usage expire date-time.
+ pub fn usage_expire_date_time(mut self, date: i64) -> Self {
+ self.0.push(KeyParameter {
+ tag: Tag::USAGE_EXPIRE_DATETIME,
+ value: KeyParameterValue::DateTime(date),
+ });
+ self
+ }
+
+ /// Set boot loader only.
+ pub fn boot_loader_only(mut self) -> Self {
+ self.0.push(KeyParameter {
+ tag: Tag::BOOTLOADER_ONLY,
+ value: KeyParameterValue::BoolValue(true),
+ });
+ self
+ }
+
+ /// Set early boot only.
+ pub fn early_boot_only(mut self) -> Self {
+ self.0.push(KeyParameter {
+ tag: Tag::EARLY_BOOT_ONLY,
+ value: KeyParameterValue::BoolValue(true),
+ });
+ self
+ }
+
+ /// Set max uses per boot.
+ pub fn max_uses_per_boot(mut self, max_uses: i32) -> Self {
+ self.0.push(KeyParameter {
+ tag: Tag::MAX_USES_PER_BOOT,
+ value: KeyParameterValue::Integer(max_uses),
+ });
+ self
+ }
+
+ /// Set max usage count.
+ pub fn usage_count_limit(mut self, usage_count: i32) -> Self {
+ self.0.push(KeyParameter {
+ tag: Tag::USAGE_COUNT_LIMIT,
+ value: KeyParameterValue::Integer(usage_count),
+ });
+ self
+ }
}
impl Deref for AuthSetBuilder {
diff --git a/keystore2/test_utils/ffi_test_utils.cpp b/keystore2/test_utils/ffi_test_utils.cpp
index 1853c07..4e781d1 100644
--- a/keystore2/test_utils/ffi_test_utils.cpp
+++ b/keystore2/test_utils/ffi_test_utils.cpp
@@ -8,6 +8,7 @@
#include <keymaster/km_openssl/openssl_err.h>
#include <keymaster/km_openssl/openssl_utils.h>
#include <keymint_support/attestation_record.h>
+#include <keymint_support/keymint_utils.h>
#include <openssl/mem.h>
using keymaster::ASN1_OBJECT_Ptr;
@@ -600,7 +601,8 @@
return result;
}
-CxxResult getValueFromAttestRecord(rust::Vec<rust::u8> cert_buf, int32_t tag) {
+CxxResult getValueFromAttestRecord(rust::Vec<rust::u8> cert_buf, int32_t tag,
+ int32_t expected_sec_level) {
CxxResult cxx_result{};
cxx_result.error = false;
@@ -648,6 +650,8 @@
aidl::android::hardware::security::keymint::Tag auth_tag =
static_cast<aidl::android::hardware::security::keymint::Tag>(tag);
+ aidl::android::hardware::security::keymint::SecurityLevel tag_security_level =
+ static_cast<aidl::android::hardware::security::keymint::SecurityLevel>(expected_sec_level);
if (auth_tag == aidl::android::hardware::security::keymint::Tag::ATTESTATION_APPLICATION_ID) {
int pos = att_sw_enforced.find(
@@ -684,6 +688,36 @@
return cxx_result;
}
+ if (auth_tag == aidl::android::hardware::security::keymint::Tag::USAGE_COUNT_LIMIT) {
+ aidl::android::hardware::security::keymint::KeyParameter param;
+ int pos = att_hw_enforced.find(auth_tag);
+ if (tag_security_level ==
+ aidl::android::hardware::security::keymint::SecurityLevel::SOFTWARE ||
+ tag_security_level ==
+ aidl::android::hardware::security::keymint::SecurityLevel::KEYSTORE) {
+ pos = att_sw_enforced.find(auth_tag);
+ if (pos == -1) {
+ LOG(ERROR) << "USAGE_COUNT_LIMIT not found in software enforced auth list";
+ cxx_result.error = KM_ERROR_INVALID_TAG;
+ return cxx_result;
+ }
+ param = att_sw_enforced[pos];
+ } else {
+ pos = att_hw_enforced.find(auth_tag);
+ if (pos == -1) {
+ LOG(ERROR) << "USAGE_COUNT_LIMIT not found in hardware enforced auth list";
+ cxx_result.error = KM_ERROR_INVALID_TAG;
+ return cxx_result;
+ }
+ param = att_hw_enforced[pos];
+ }
+ std::string val = std::to_string(
+ param.value
+ .get<aidl::android::hardware::security::keymint::KeyParameterValue::integer>());
+ std::move(val.begin(), val.end(), std::back_inserter(cxx_result.data));
+ return cxx_result;
+ }
+
int pos = att_hw_enforced.find(auth_tag);
if (pos == -1) {
LOG(ERROR) << "getValueFromAttestRecord - unsupported tag.";
@@ -696,3 +730,15 @@
std::move(val.begin(), val.end(), std::back_inserter(cxx_result.data));
return cxx_result;
}
+
+uint32_t getOsVersion() {
+ return aidl::android::hardware::security::keymint::getOsVersion();
+}
+
+uint32_t getOsPatchlevel() {
+ return aidl::android::hardware::security::keymint::getOsPatchlevel();
+}
+
+uint32_t getVendorPatchlevel() {
+ return aidl::android::hardware::security::keymint::getVendorPatchlevel();
+}
diff --git a/keystore2/test_utils/ffi_test_utils.hpp b/keystore2/test_utils/ffi_test_utils.hpp
index 3ed7edc..c4db1ba 100644
--- a/keystore2/test_utils/ffi_test_utils.hpp
+++ b/keystore2/test_utils/ffi_test_utils.hpp
@@ -1,13 +1,16 @@
#pragma once
-#include "rust/cxx.h"
#include "ffi_test_utils.rs.h"
+#include "rust/cxx.h"
bool validateCertChain(rust::Vec<rust::u8> cert_buf, uint32_t cert_len, bool strict_issuer_check);
CxxResult createWrappedKey(rust::Vec<rust::u8> encrypted_secure_key,
- rust::Vec<rust::u8> encrypted_transport_key,
- rust::Vec<rust::u8> iv,
- rust::Vec<rust::u8> tag);
+ rust::Vec<rust::u8> encrypted_transport_key, rust::Vec<rust::u8> iv,
+ rust::Vec<rust::u8> tag);
CxxResult buildAsn1DerEncodedWrappedKeyDescription();
bool performCryptoOpUsingKeystoreEngine(int64_t grant_id);
-CxxResult getValueFromAttestRecord(rust::Vec<rust::u8> cert_buf, int32_t tag);
+CxxResult getValueFromAttestRecord(rust::Vec<rust::u8> cert_buf, int32_t tag,
+ int32_t expected_sec_level);
+uint32_t getOsVersion();
+uint32_t getOsPatchlevel();
+uint32_t getVendorPatchlevel();
diff --git a/keystore2/test_utils/ffi_test_utils.rs b/keystore2/test_utils/ffi_test_utils.rs
index 95e3160..5d6bf46 100644
--- a/keystore2/test_utils/ffi_test_utils.rs
+++ b/keystore2/test_utils/ffi_test_utils.rs
@@ -15,7 +15,9 @@
//! This module implements helper methods to access the functionalities implemented in CPP.
use crate::key_generations::Error;
-use android_hardware_security_keymint::aidl::android::hardware::security::keymint::Tag::Tag;
+use android_hardware_security_keymint::aidl::android::hardware::security::keymint::{
+ SecurityLevel::SecurityLevel, Tag::Tag,
+};
#[cxx::bridge]
mod ffi {
@@ -35,7 +37,14 @@
) -> CxxResult;
fn buildAsn1DerEncodedWrappedKeyDescription() -> CxxResult;
fn performCryptoOpUsingKeystoreEngine(grant_id: i64) -> bool;
- fn getValueFromAttestRecord(cert_buf: Vec<u8>, tag: i32) -> CxxResult;
+ fn getValueFromAttestRecord(
+ cert_buf: Vec<u8>,
+ tag: i32,
+ expected_sec_level: i32,
+ ) -> CxxResult;
+ fn getOsVersion() -> u32;
+ fn getOsPatchlevel() -> u32;
+ fn getVendorPatchlevel() -> u32;
}
}
@@ -95,10 +104,29 @@
}
/// Get the value of the given `Tag` from attestation record.
-pub fn get_value_from_attest_record(cert_buf: &[u8], tag: Tag) -> Result<Vec<u8>, Error> {
- let result = ffi::getValueFromAttestRecord(cert_buf.to_vec(), tag.0);
+pub fn get_value_from_attest_record(
+ cert_buf: &[u8],
+ tag: Tag,
+ expected_sec_level: SecurityLevel,
+) -> Result<Vec<u8>, Error> {
+ let result = ffi::getValueFromAttestRecord(cert_buf.to_vec(), tag.0, expected_sec_level.0);
if !result.error && !result.data.is_empty() {
return Ok(result.data);
}
Err(Error::AttestRecordGetValueFailed)
}
+
+/// Get OS Version
+pub fn get_os_version() -> u32 {
+ ffi::getOsVersion()
+}
+
+/// Get OS Patch Level
+pub fn get_os_patchlevel() -> u32 {
+ ffi::getOsPatchlevel()
+}
+
+/// Get vendor Patch Level
+pub fn get_vendor_patchlevel() -> u32 {
+ ffi::getVendorPatchlevel()
+}
diff --git a/keystore2/test_utils/key_generations.rs b/keystore2/test_utils/key_generations.rs
index 0f9ecbe..ccf27bc 100644
--- a/keystore2/test_utils/key_generations.rs
+++ b/keystore2/test_utils/key_generations.rs
@@ -15,11 +15,13 @@
//! This module implements test utils to generate various types of keys.
use anyhow::Result;
-
use core::ops::Range;
+use nix::unistd::getuid;
use std::collections::HashSet;
use std::fmt::Write;
+use binder::ThreadState;
+
use android_hardware_security_keymint::aidl::android::hardware::security::keymint::{
Algorithm::Algorithm, BlockMode::BlockMode, Digest::Digest, EcCurve::EcCurve,
ErrorCode::ErrorCode, HardwareAuthenticatorType::HardwareAuthenticatorType,
@@ -27,7 +29,8 @@
KeyPurpose::KeyPurpose, PaddingMode::PaddingMode, Tag::Tag,
};
use android_system_keystore2::aidl::android::system::keystore2::{
- AuthenticatorSpec::AuthenticatorSpec, Authorization::Authorization, Domain::Domain,
+ AuthenticatorSpec::AuthenticatorSpec, Authorization::Authorization,
+ CreateOperationResponse::CreateOperationResponse, Domain::Domain,
IKeystoreSecurityLevel::IKeystoreSecurityLevel, KeyDescriptor::KeyDescriptor,
KeyMetadata::KeyMetadata, ResponseCode::ResponseCode,
};
@@ -35,6 +38,8 @@
use crate::authorizations::AuthSetBuilder;
use android_system_keystore2::binder::{ExceptionCode, Result as BinderResult};
+use crate::ffi_test_utils::{get_os_patchlevel, get_os_version, get_vendor_patchlevel};
+
/// Shell namespace.
pub const SELINUX_SHELL_NAMESPACE: i64 = 1;
/// Vold namespace.
@@ -388,7 +393,12 @@
authorizations.iter().any(|auth| &auth.keyParameter == key_param)
}
-fn check_key_authorizations(authorizations: &[Authorization], expected_params: &[KeyParameter]) {
+/// Verify the given key authorizations with the expected authorizations.
+pub fn check_key_authorizations(
+ authorizations: &[Authorization],
+ expected_params: &[KeyParameter],
+ expected_key_origin: KeyOrigin,
+) {
// Make sure key authorizations contains only `ALLOWED_TAGS_IN_KEY_AUTHS`
authorizations.iter().all(|auth| {
assert!(
@@ -410,6 +420,66 @@
}
true
});
+
+ check_common_auths(authorizations, expected_key_origin);
+}
+
+/// Verify common key authorizations.
+fn check_common_auths(authorizations: &[Authorization], expected_key_origin: KeyOrigin) {
+ assert!(check_key_param(
+ authorizations,
+ &KeyParameter {
+ tag: Tag::OS_VERSION,
+ value: KeyParameterValue::Integer(get_os_version().try_into().unwrap())
+ }
+ ));
+ assert!(check_key_param(
+ authorizations,
+ &KeyParameter {
+ tag: Tag::OS_PATCHLEVEL,
+ value: KeyParameterValue::Integer(get_os_patchlevel().try_into().unwrap())
+ }
+ ));
+
+ // Access denied for finding vendor-patch-level ("ro.vendor.build.security_patch") property
+ // in a test running with `untrusted_app` context. Keeping this check to verify
+ // vendor-patch-level in tests running with `su` context.
+ if getuid().is_root() {
+ assert!(check_key_param(
+ authorizations,
+ &KeyParameter {
+ tag: Tag::VENDOR_PATCHLEVEL,
+ value: KeyParameterValue::Integer(get_vendor_patchlevel().try_into().unwrap())
+ }
+ ));
+ }
+ assert!(check_key_param(
+ authorizations,
+ &KeyParameter { tag: Tag::ORIGIN, value: KeyParameterValue::Origin(expected_key_origin) }
+ ));
+ assert!(check_key_param(
+ authorizations,
+ &KeyParameter {
+ tag: Tag::USER_ID,
+ value: KeyParameterValue::Integer(
+ rustutils::users::multiuser_get_user_id(ThreadState::get_calling_uid())
+ .try_into()
+ .unwrap()
+ )
+ }
+ ));
+}
+
+/// Get the key `Authorization` for the given auth `Tag`.
+pub fn get_key_auth(authorizations: &[Authorization], tag: Tag) -> Option<&Authorization> {
+ let auths: Vec<&Authorization> =
+ authorizations.iter().filter(|auth| auth.keyParameter.tag == tag).collect();
+
+ if !auths.is_empty() {
+ Some(auths[0])
+ } else {
+ None
+ }
}
/// Generate EC Key using given security level and domain with below key parameters and
@@ -455,7 +525,11 @@
assert!(key_metadata.key.blob.is_some());
}
- check_key_authorizations(&key_metadata.authorizations, &gen_params);
+ check_key_authorizations(
+ &key_metadata.authorizations,
+ &gen_params,
+ KeyOrigin::GENERATED,
+ );
Ok(key_metadata)
}
Err(e) => Err(e),
@@ -498,7 +572,7 @@
} else {
assert!(key_metadata.key.blob.is_none());
}
- check_key_authorizations(&key_metadata.authorizations, &gen_params);
+ check_key_authorizations(&key_metadata.authorizations, &gen_params, KeyOrigin::GENERATED);
Ok(key_metadata)
}
@@ -560,7 +634,7 @@
|| key_metadata.key.blob.is_none()
);
- check_key_authorizations(&key_metadata.authorizations, &gen_params);
+ check_key_authorizations(&key_metadata.authorizations, &gen_params, KeyOrigin::GENERATED);
// If `RSA_OAEP_MGF_DIGEST` tag is not mentioned explicitly while generating/importing a key,
// then make sure `RSA_OAEP_MGF_DIGEST` tag with default value (SHA1) must not be included in
// key authorization list.
@@ -617,7 +691,7 @@
// Should not have an attestation record.
assert!(key_metadata.certificateChain.is_none());
- check_key_authorizations(&key_metadata.authorizations, &gen_params);
+ check_key_authorizations(&key_metadata.authorizations, &gen_params, KeyOrigin::GENERATED);
Ok(key_metadata)
}
@@ -657,7 +731,7 @@
// Should not have an attestation record.
assert!(key_metadata.certificateChain.is_none());
- check_key_authorizations(&key_metadata.authorizations, &gen_params);
+ check_key_authorizations(&key_metadata.authorizations, &gen_params, KeyOrigin::GENERATED);
Ok(key_metadata)
}
@@ -742,7 +816,11 @@
// Should have an attestation record.
assert!(attestation_key_metadata.certificateChain.is_some());
- check_key_authorizations(&attestation_key_metadata.authorizations, &gen_params);
+ check_key_authorizations(
+ &attestation_key_metadata.authorizations,
+ &gen_params,
+ KeyOrigin::GENERATED,
+ );
Ok(attestation_key_metadata)
}
@@ -777,7 +855,7 @@
// Shouldn't have an attestation record.
assert!(ec_key_metadata.certificateChain.is_none());
- check_key_authorizations(&ec_key_metadata.authorizations, &ec_gen_params);
+ check_key_authorizations(&ec_key_metadata.authorizations, &ec_gen_params, KeyOrigin::GENERATED);
Ok(ec_key_metadata)
}
@@ -802,7 +880,7 @@
assert!(key_metadata.certificate.is_some());
assert!(key_metadata.certificateChain.is_none());
- check_key_authorizations(&key_metadata.authorizations, &import_params);
+ check_key_authorizations(&key_metadata.authorizations, &import_params, KeyOrigin::IMPORTED);
// Check below auths explicitly, they might not be addd in import parameters.
assert!(check_key_param(
@@ -865,7 +943,7 @@
assert!(key_metadata.certificate.is_some());
assert!(key_metadata.certificateChain.is_none());
- check_key_authorizations(&key_metadata.authorizations, &import_params);
+ check_key_authorizations(&key_metadata.authorizations, &import_params, KeyOrigin::IMPORTED);
// Check below auths explicitly, they might not be addd in import parameters.
assert!(check_key_param(
@@ -917,7 +995,7 @@
AES_KEY,
)?;
- check_key_authorizations(&key_metadata.authorizations, &import_params);
+ check_key_authorizations(&key_metadata.authorizations, &import_params, KeyOrigin::IMPORTED);
// Check below auths explicitly, they might not be addd in import parameters.
assert!(check_key_param(
@@ -976,7 +1054,7 @@
TRIPLE_DES_KEY,
)?;
- check_key_authorizations(&key_metadata.authorizations, &import_params);
+ check_key_authorizations(&key_metadata.authorizations, &import_params, KeyOrigin::IMPORTED);
// Check below auths explicitly, they might not be addd in import parameters.
assert!(check_key_param(
@@ -1036,7 +1114,7 @@
HMAC_KEY,
)?;
- check_key_authorizations(&key_metadata.authorizations, &import_params);
+ check_key_authorizations(&key_metadata.authorizations, &import_params, KeyOrigin::IMPORTED);
// Check below auths explicitly, they might not be addd in import parameters.
assert!(check_key_param(
@@ -1188,7 +1266,11 @@
assert!(key_metadata.key.blob.is_some());
}
- check_key_authorizations(&key_metadata.authorizations, &gen_params);
+ check_key_authorizations(
+ &key_metadata.authorizations,
+ &gen_params,
+ KeyOrigin::GENERATED,
+ );
Ok(key_metadata)
}
Err(e) => Err(e),
@@ -1288,3 +1370,51 @@
b"entropy",
)
}
+
+/// Generate Key and validate key characteristics.
+pub fn generate_key(
+ sec_level: &binder::Strong<dyn IKeystoreSecurityLevel>,
+ gen_params: &AuthSetBuilder,
+ alias: &str,
+) -> binder::Result<KeyMetadata> {
+ let key_metadata = sec_level.generateKey(
+ &KeyDescriptor {
+ domain: Domain::APP,
+ nspace: -1,
+ alias: Some(alias.to_string()),
+ blob: None,
+ },
+ None,
+ gen_params,
+ 0,
+ b"entropy",
+ )?;
+
+ if gen_params.iter().any(|kp| {
+ matches!(
+ kp.value,
+ KeyParameterValue::Algorithm(Algorithm::RSA)
+ | KeyParameterValue::Algorithm(Algorithm::EC)
+ )
+ }) {
+ assert!(key_metadata.certificate.is_some());
+ if gen_params.iter().any(|kp| kp.tag == Tag::ATTESTATION_CHALLENGE) {
+ assert!(key_metadata.certificateChain.is_some());
+ }
+ }
+ check_key_authorizations(&key_metadata.authorizations, gen_params, KeyOrigin::GENERATED);
+
+ Ok(key_metadata)
+}
+
+/// Generate a key using given authorizations and create an operation using the generated key.
+pub fn create_key_and_operation(
+ sec_level: &binder::Strong<dyn IKeystoreSecurityLevel>,
+ gen_params: &AuthSetBuilder,
+ op_params: &AuthSetBuilder,
+ alias: &str,
+) -> binder::Result<CreateOperationResponse> {
+ let key_metadata = generate_key(sec_level, gen_params, alias)?;
+
+ sec_level.createOperation(&key_metadata.key, op_params, false)
+}
diff --git a/keystore2/tests/keystore2_client_attest_key_tests.rs b/keystore2/tests/keystore2_client_attest_key_tests.rs
index f3228ea..c9ef298 100644
--- a/keystore2/tests/keystore2_client_attest_key_tests.rs
+++ b/keystore2/tests/keystore2_client_attest_key_tests.rs
@@ -556,9 +556,12 @@
cert_chain.extend(attest_key_metadata.certificateChain.as_ref().unwrap());
validate_certchain(&cert_chain).expect("Error while validating cert chain");
- let attest_id_value =
- get_value_from_attest_record(key_metadata.certificate.as_ref().unwrap(), attest_id)
- .expect("Attest id verification failed.");
+ let attest_id_value = get_value_from_attest_record(
+ key_metadata.certificate.as_ref().unwrap(),
+ attest_id,
+ SecurityLevel::TRUSTED_ENVIRONMENT,
+ )
+ .expect("Attest id verification failed.");
assert_eq!(attest_id_value, value);
}
}
diff --git a/keystore2/tests/keystore2_client_authorizations_tests.rs b/keystore2/tests/keystore2_client_authorizations_tests.rs
new file mode 100644
index 0000000..fe48acd
--- /dev/null
+++ b/keystore2/tests/keystore2_client_authorizations_tests.rs
@@ -0,0 +1,592 @@
+// Copyright 2023, The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+use std::time::SystemTime;
+
+use android_hardware_security_keymint::aidl::android::hardware::security::keymint::{
+ Algorithm::Algorithm, BlockMode::BlockMode, Digest::Digest, EcCurve::EcCurve,
+ ErrorCode::ErrorCode, KeyPurpose::KeyPurpose, PaddingMode::PaddingMode,
+ SecurityLevel::SecurityLevel, Tag::Tag,
+};
+
+use android_system_keystore2::aidl::android::system::keystore2::{
+ IKeystoreSecurityLevel::IKeystoreSecurityLevel, KeyMetadata::KeyMetadata,
+ ResponseCode::ResponseCode,
+};
+
+use keystore2_test_utils::{
+ authorizations, get_keystore_service, key_generations, key_generations::Error,
+};
+
+use crate::keystore2_client_test_utils::{
+ delete_app_key, perform_sample_asym_sign_verify_op, perform_sample_hmac_sign_verify_op,
+ perform_sample_sym_key_decrypt_op, perform_sample_sym_key_encrypt_op, SAMPLE_PLAIN_TEXT,
+};
+
+use keystore2_test_utils::ffi_test_utils::get_value_from_attest_record;
+
+fn generate_key_and_perform_sign_verify_op_max_times(
+ sec_level: &binder::Strong<dyn IKeystoreSecurityLevel>,
+ gen_params: &authorizations::AuthSetBuilder,
+ alias: &str,
+ max_usage_count: i32,
+) -> binder::Result<KeyMetadata> {
+ let key_metadata = key_generations::generate_key(sec_level, gen_params, alias)?;
+
+ // Use above generated key `max_usage_count` times.
+ for _ in 0..max_usage_count {
+ perform_sample_asym_sign_verify_op(sec_level, &key_metadata, None, Some(Digest::SHA_2_256));
+ }
+
+ Ok(key_metadata)
+}
+
+/// Generate a key with `USAGE_COUNT_LIMIT` and verify the key characteristics. Test should be able
+/// to use the key successfully `max_usage_count` times. After exceeding key usage `max_usage_count`
+/// times subsequent attempts to use the key in test should fail with response code `KEY_NOT_FOUND`.
+/// Test should also verify that the attest record includes `USAGE_COUNT_LIMIT` for attested keys.
+fn generate_key_and_perform_op_with_max_usage_limit(
+ sec_level: &binder::Strong<dyn IKeystoreSecurityLevel>,
+ gen_params: &authorizations::AuthSetBuilder,
+ alias: &str,
+ max_usage_count: i32,
+ check_attestation: bool,
+) {
+ // Generate a key and use the key for `max_usage_count` times.
+ let key_metadata = generate_key_and_perform_sign_verify_op_max_times(
+ sec_level,
+ gen_params,
+ alias,
+ max_usage_count,
+ )
+ .unwrap();
+
+ let auth = key_generations::get_key_auth(&key_metadata.authorizations, Tag::USAGE_COUNT_LIMIT)
+ .unwrap();
+ if check_attestation {
+ // Check usage-count-limit is included in attest-record.
+ assert_ne!(
+ gen_params.iter().filter(|kp| kp.tag == Tag::ATTESTATION_CHALLENGE).count(),
+ 0,
+ "Attestation challenge is missing in generated key parameters."
+ );
+ let result = get_value_from_attest_record(
+ key_metadata.certificate.as_ref().unwrap(),
+ Tag::USAGE_COUNT_LIMIT,
+ auth.securityLevel,
+ )
+ .expect("Attest id verification failed.");
+ let usage_count: i32 = std::str::from_utf8(&result).unwrap().parse().unwrap();
+ assert_eq!(usage_count, max_usage_count);
+ }
+ if max_usage_count == 1 {
+ assert!(matches!(
+ auth.securityLevel,
+ SecurityLevel::KEYSTORE | SecurityLevel::TRUSTED_ENVIRONMENT
+ ));
+ } else {
+ assert_eq!(auth.securityLevel, SecurityLevel::KEYSTORE);
+ }
+
+ // Try to use the key one more time.
+ let result = key_generations::map_ks_error(sec_level.createOperation(
+ &key_metadata.key,
+ &authorizations::AuthSetBuilder::new().purpose(KeyPurpose::SIGN).digest(Digest::SHA_2_256),
+ false,
+ ));
+ assert!(result.is_err());
+ assert_eq!(Error::Rc(ResponseCode::KEY_NOT_FOUND), result.unwrap_err());
+}
+
+/// Generate a key with `ACTIVE_DATETIME` set to current time. Test should successfully generate
+/// a key and verify the key characteristics. Test should be able to create a sign operation using
+/// the generated key successfully.
+#[test]
+fn keystore2_gen_key_auth_active_datetime_test_success() {
+ let keystore2 = get_keystore_service();
+ let sec_level = keystore2.getSecurityLevel(SecurityLevel::TRUSTED_ENVIRONMENT).unwrap();
+
+ let duration_since_epoch = SystemTime::now().duration_since(SystemTime::UNIX_EPOCH).unwrap();
+ let active_datetime = duration_since_epoch.as_millis();
+ let gen_params = authorizations::AuthSetBuilder::new()
+ .no_auth_required()
+ .algorithm(Algorithm::EC)
+ .purpose(KeyPurpose::SIGN)
+ .purpose(KeyPurpose::VERIFY)
+ .digest(Digest::SHA_2_256)
+ .ec_curve(EcCurve::P_256)
+ .attestation_challenge(b"foo".to_vec())
+ .active_date_time(active_datetime.try_into().unwrap());
+
+ let alias = "ks_test_auth_tags_test";
+ let result = key_generations::create_key_and_operation(
+ &sec_level,
+ &gen_params,
+ &authorizations::AuthSetBuilder::new().purpose(KeyPurpose::SIGN).digest(Digest::SHA_2_256),
+ alias,
+ );
+ assert!(result.is_ok());
+ delete_app_key(&keystore2, alias).unwrap();
+}
+
+/// Generate a key with `ACTIVE_DATETIME` set to future date and time. Test should successfully
+/// generate a key and verify the key characteristics. Try to create a sign operation
+/// using the generated key, test should fail to create an operation with error code
+/// `KEY_NOT_YET_VALID`.
+#[test]
+fn keystore2_gen_key_auth_future_active_datetime_test_op_fail() {
+ let keystore2 = get_keystore_service();
+ let sec_level = keystore2.getSecurityLevel(SecurityLevel::TRUSTED_ENVIRONMENT).unwrap();
+
+ let duration_since_epoch = SystemTime::now().duration_since(SystemTime::UNIX_EPOCH).unwrap();
+ let future_active_datetime = duration_since_epoch.as_millis() + (24 * 60 * 60 * 1000);
+ let gen_params = authorizations::AuthSetBuilder::new()
+ .no_auth_required()
+ .algorithm(Algorithm::EC)
+ .purpose(KeyPurpose::SIGN)
+ .purpose(KeyPurpose::VERIFY)
+ .digest(Digest::SHA_2_256)
+ .ec_curve(EcCurve::P_256)
+ .attestation_challenge(b"foo".to_vec())
+ .active_date_time(future_active_datetime.try_into().unwrap());
+
+ let alias = "ks_test_auth_tags_test";
+ let result = key_generations::map_ks_error(key_generations::create_key_and_operation(
+ &sec_level,
+ &gen_params,
+ &authorizations::AuthSetBuilder::new().purpose(KeyPurpose::SIGN).digest(Digest::SHA_2_256),
+ alias,
+ ));
+ assert!(result.is_err());
+ assert_eq!(Error::Km(ErrorCode::KEY_NOT_YET_VALID), result.unwrap_err());
+ delete_app_key(&keystore2, alias).unwrap();
+}
+
+/// Generate a key with `ORIGINATION_EXPIRE_DATETIME` set to future date and time. Test should
+/// successfully generate a key and verify the key characteristics. Test should be able to create
+/// sign operation using the generated key successfully.
+#[test]
+fn keystore2_gen_key_auth_future_origination_expire_datetime_test_success() {
+ let keystore2 = get_keystore_service();
+ let sec_level = keystore2.getSecurityLevel(SecurityLevel::TRUSTED_ENVIRONMENT).unwrap();
+
+ let duration_since_epoch = SystemTime::now().duration_since(SystemTime::UNIX_EPOCH).unwrap();
+ let origination_expire_datetime = duration_since_epoch.as_millis() + (24 * 60 * 60 * 1000);
+ let gen_params = authorizations::AuthSetBuilder::new()
+ .no_auth_required()
+ .algorithm(Algorithm::EC)
+ .purpose(KeyPurpose::SIGN)
+ .purpose(KeyPurpose::VERIFY)
+ .digest(Digest::SHA_2_256)
+ .ec_curve(EcCurve::P_256)
+ .attestation_challenge(b"foo".to_vec())
+ .origination_expire_date_time(origination_expire_datetime.try_into().unwrap());
+
+ let alias = "ks_test_auth_tags_test";
+ let result = key_generations::create_key_and_operation(
+ &sec_level,
+ &gen_params,
+ &authorizations::AuthSetBuilder::new().purpose(KeyPurpose::SIGN).digest(Digest::SHA_2_256),
+ alias,
+ );
+ assert!(result.is_ok());
+ delete_app_key(&keystore2, alias).unwrap();
+}
+
+/// Generate a key with `ORIGINATION_EXPIRE_DATETIME` set to current date and time. Test should
+/// successfully generate a key and verify the key characteristics. Try to create a sign operation
+/// using the generated key, test should fail to create an operation with error code
+/// `KEY_EXPIRED`.
+#[test]
+fn keystore2_gen_key_auth_origination_expire_datetime_test_op_fail() {
+ let keystore2 = get_keystore_service();
+ let sec_level = keystore2.getSecurityLevel(SecurityLevel::TRUSTED_ENVIRONMENT).unwrap();
+
+ let duration_since_epoch = SystemTime::now().duration_since(SystemTime::UNIX_EPOCH).unwrap();
+ let origination_expire_datetime = duration_since_epoch.as_millis();
+ let gen_params = authorizations::AuthSetBuilder::new()
+ .no_auth_required()
+ .algorithm(Algorithm::EC)
+ .purpose(KeyPurpose::SIGN)
+ .purpose(KeyPurpose::VERIFY)
+ .digest(Digest::SHA_2_256)
+ .ec_curve(EcCurve::P_256)
+ .attestation_challenge(b"foo".to_vec())
+ .origination_expire_date_time(origination_expire_datetime.try_into().unwrap());
+
+ let alias = "ks_test_auth_tags_test";
+ let result = key_generations::map_ks_error(key_generations::create_key_and_operation(
+ &sec_level,
+ &gen_params,
+ &authorizations::AuthSetBuilder::new().purpose(KeyPurpose::SIGN).digest(Digest::SHA_2_256),
+ alias,
+ ));
+ assert!(result.is_err());
+ assert_eq!(Error::Km(ErrorCode::KEY_EXPIRED), result.unwrap_err());
+ delete_app_key(&keystore2, alias).unwrap();
+}
+
+/// Generate a HMAC key with `USAGE_EXPIRE_DATETIME` set to future date and time. Test should
+/// successfully generate a key and verify the key characteristics. Test should be able to create
+/// sign and verify operations using the generated key successfully.
+#[test]
+fn keystore2_gen_key_auth_future_usage_expire_datetime_hmac_verify_op_success() {
+ let keystore2 = get_keystore_service();
+ let sec_level = keystore2.getSecurityLevel(SecurityLevel::TRUSTED_ENVIRONMENT).unwrap();
+
+ let duration_since_epoch = SystemTime::now().duration_since(SystemTime::UNIX_EPOCH).unwrap();
+ let usage_expire_datetime = duration_since_epoch.as_millis() + (24 * 60 * 60 * 1000);
+ let gen_params = authorizations::AuthSetBuilder::new()
+ .no_auth_required()
+ .algorithm(Algorithm::HMAC)
+ .purpose(KeyPurpose::SIGN)
+ .purpose(KeyPurpose::VERIFY)
+ .key_size(128)
+ .min_mac_length(256)
+ .digest(Digest::SHA_2_256)
+ .usage_expire_date_time(usage_expire_datetime.try_into().unwrap());
+
+ let alias = "ks_test_auth_tags_hmac_verify_success";
+ let key_metadata = key_generations::generate_key(&sec_level, &gen_params, alias).unwrap();
+
+ perform_sample_hmac_sign_verify_op(&sec_level, &key_metadata.key);
+ delete_app_key(&keystore2, alias).unwrap();
+}
+
+/// Generate a key with `USAGE_EXPIRE_DATETIME` set to current date and time. Test should
+/// successfully generate a key and verify the key characteristics. Test should be able to create
+/// sign operation successfully and fail while performing verify operation with error code
+/// `KEY_EXPIRED`.
+#[test]
+fn keystore2_gen_key_auth_usage_expire_datetime_hmac_verify_op_fail() {
+ let keystore2 = get_keystore_service();
+ let sec_level = keystore2.getSecurityLevel(SecurityLevel::TRUSTED_ENVIRONMENT).unwrap();
+
+ let duration_since_epoch = SystemTime::now().duration_since(SystemTime::UNIX_EPOCH).unwrap();
+ let usage_expire_datetime = duration_since_epoch.as_millis();
+ let gen_params = authorizations::AuthSetBuilder::new()
+ .no_auth_required()
+ .algorithm(Algorithm::HMAC)
+ .purpose(KeyPurpose::SIGN)
+ .purpose(KeyPurpose::VERIFY)
+ .key_size(128)
+ .min_mac_length(256)
+ .digest(Digest::SHA_2_256)
+ .usage_expire_date_time(usage_expire_datetime.try_into().unwrap());
+
+ let alias = "ks_test_auth_tags_hamc_verify_fail";
+ let key_metadata = key_generations::generate_key(&sec_level, &gen_params, alias).unwrap();
+
+ let result = key_generations::map_ks_error(
+ sec_level.createOperation(
+ &key_metadata.key,
+ &authorizations::AuthSetBuilder::new()
+ .purpose(KeyPurpose::VERIFY)
+ .digest(Digest::SHA_2_256),
+ false,
+ ),
+ );
+ assert!(result.is_err());
+ assert_eq!(Error::Km(ErrorCode::KEY_EXPIRED), result.unwrap_err());
+ delete_app_key(&keystore2, alias).unwrap();
+}
+
+/// Generate AES key with `USAGE_EXPIRE_DATETIME` set to future date and time. Test should
+/// successfully generate a key and verify the key characteristics. Test should be able to create
+/// Encrypt and Decrypt operations successfully.
+#[test]
+fn keystore2_gen_key_auth_usage_future_expire_datetime_decrypt_op_success() {
+ let keystore2 = get_keystore_service();
+ let sec_level = keystore2.getSecurityLevel(SecurityLevel::TRUSTED_ENVIRONMENT).unwrap();
+
+ let duration_since_epoch = SystemTime::now().duration_since(SystemTime::UNIX_EPOCH).unwrap();
+ let usage_expire_datetime = duration_since_epoch.as_millis() + (24 * 60 * 60 * 1000);
+ let gen_params = authorizations::AuthSetBuilder::new()
+ .no_auth_required()
+ .algorithm(Algorithm::AES)
+ .purpose(KeyPurpose::ENCRYPT)
+ .purpose(KeyPurpose::DECRYPT)
+ .key_size(128)
+ .padding_mode(PaddingMode::PKCS7)
+ .block_mode(BlockMode::ECB)
+ .usage_expire_date_time(usage_expire_datetime.try_into().unwrap());
+
+ let alias = "ks_test_auth_tags_test";
+ let key_metadata = key_generations::generate_key(&sec_level, &gen_params, alias).unwrap();
+ let cipher_text = perform_sample_sym_key_encrypt_op(
+ &sec_level,
+ PaddingMode::PKCS7,
+ BlockMode::ECB,
+ &mut None,
+ None,
+ &key_metadata.key,
+ )
+ .unwrap();
+
+ assert!(cipher_text.is_some());
+
+ let plain_text = perform_sample_sym_key_decrypt_op(
+ &sec_level,
+ &cipher_text.unwrap(),
+ PaddingMode::PKCS7,
+ BlockMode::ECB,
+ &mut None,
+ None,
+ &key_metadata.key,
+ )
+ .unwrap();
+ assert!(plain_text.is_some());
+ assert_eq!(plain_text.unwrap(), SAMPLE_PLAIN_TEXT.to_vec());
+ delete_app_key(&keystore2, alias).unwrap();
+}
+
+/// Generate AES key with `USAGE_EXPIRE_DATETIME` set to current date and time. Test should
+/// successfully generate a key and verify the key characteristics. Test should be able to create
+/// Encrypt operation successfully and fail while performing decrypt operation with error code
+/// `KEY_EXPIRED`.
+#[test]
+fn keystore2_gen_key_auth_usage_expire_datetime_decrypt_op_fail() {
+ let keystore2 = get_keystore_service();
+ let sec_level = keystore2.getSecurityLevel(SecurityLevel::TRUSTED_ENVIRONMENT).unwrap();
+
+ let duration_since_epoch = SystemTime::now().duration_since(SystemTime::UNIX_EPOCH).unwrap();
+ let usage_expire_datetime = duration_since_epoch.as_millis();
+ let gen_params = authorizations::AuthSetBuilder::new()
+ .no_auth_required()
+ .algorithm(Algorithm::AES)
+ .purpose(KeyPurpose::ENCRYPT)
+ .purpose(KeyPurpose::DECRYPT)
+ .key_size(128)
+ .padding_mode(PaddingMode::PKCS7)
+ .block_mode(BlockMode::ECB)
+ .usage_expire_date_time(usage_expire_datetime.try_into().unwrap());
+
+ let alias = "ks_test_auth_tags_test";
+ let key_metadata = key_generations::generate_key(&sec_level, &gen_params, alias).unwrap();
+ let cipher_text = perform_sample_sym_key_encrypt_op(
+ &sec_level,
+ PaddingMode::PKCS7,
+ BlockMode::ECB,
+ &mut None,
+ None,
+ &key_metadata.key,
+ )
+ .unwrap();
+
+ assert!(cipher_text.is_some());
+
+ let result = key_generations::map_ks_error(perform_sample_sym_key_decrypt_op(
+ &sec_level,
+ &cipher_text.unwrap(),
+ PaddingMode::PKCS7,
+ BlockMode::ECB,
+ &mut None,
+ None,
+ &key_metadata.key,
+ ));
+ assert!(result.is_err());
+ assert_eq!(Error::Km(ErrorCode::KEY_EXPIRED), result.unwrap_err());
+ delete_app_key(&keystore2, alias).unwrap();
+}
+
+/// Generate a key with `BOOTLOADER_ONLY`. Test should successfully generate
+/// a key and verify the key characteristics. Test should fail with error code `INVALID_KEY_BLOB`
+/// during creation of an operation using this key.
+#[test]
+fn keystore2_gen_key_auth_boot_loader_only_op_fail() {
+ let keystore2 = get_keystore_service();
+ let sec_level = keystore2.getSecurityLevel(SecurityLevel::TRUSTED_ENVIRONMENT).unwrap();
+
+ let gen_params = authorizations::AuthSetBuilder::new()
+ .no_auth_required()
+ .algorithm(Algorithm::EC)
+ .purpose(KeyPurpose::SIGN)
+ .purpose(KeyPurpose::VERIFY)
+ .digest(Digest::SHA_2_256)
+ .ec_curve(EcCurve::P_256)
+ .attestation_challenge(b"foo".to_vec())
+ .boot_loader_only();
+
+ let alias = "ks_test_auth_tags_test";
+ let result = key_generations::map_ks_error(key_generations::create_key_and_operation(
+ &sec_level,
+ &gen_params,
+ &authorizations::AuthSetBuilder::new().purpose(KeyPurpose::SIGN).digest(Digest::SHA_2_256),
+ alias,
+ ));
+ assert!(result.is_err());
+ assert_eq!(Error::Km(ErrorCode::INVALID_KEY_BLOB), result.unwrap_err());
+}
+
+/// Generate a key with `EARLY_BOOT_ONLY`. Test should successfully generate
+/// a key and verify the key characteristics. Test should fail with error code `EARLY_BOOT_ENDED`
+/// during creation of an operation using this key.
+#[test]
+fn keystore2_gen_key_auth_early_boot_only_op_fail() {
+ let keystore2 = get_keystore_service();
+ let sec_level = keystore2.getSecurityLevel(SecurityLevel::TRUSTED_ENVIRONMENT).unwrap();
+
+ let gen_params = authorizations::AuthSetBuilder::new()
+ .no_auth_required()
+ .algorithm(Algorithm::EC)
+ .purpose(KeyPurpose::SIGN)
+ .purpose(KeyPurpose::VERIFY)
+ .digest(Digest::SHA_2_256)
+ .ec_curve(EcCurve::P_256)
+ .attestation_challenge(b"foo".to_vec())
+ .early_boot_only();
+
+ let alias = "ks_test_auth_tags_test";
+ let result = key_generations::map_ks_error(key_generations::create_key_and_operation(
+ &sec_level,
+ &gen_params,
+ &authorizations::AuthSetBuilder::new().purpose(KeyPurpose::SIGN).digest(Digest::SHA_2_256),
+ alias,
+ ));
+ assert!(result.is_err());
+ assert_eq!(Error::Km(ErrorCode::EARLY_BOOT_ENDED), result.unwrap_err());
+ delete_app_key(&keystore2, alias).unwrap();
+}
+
+/// Generate a key with `MAX_USES_PER_BOOT`. Test should successfully generate
+/// a key and verify the key characteristics. Test should be able to use the key successfully
+/// `MAX_USES_COUNT` times. After exceeding key usage `MAX_USES_COUNT` times
+/// subsequent attempts to use the key in test should fail with error code MAX_OPS_EXCEEDED.
+#[test]
+fn keystore2_gen_key_auth_max_uses_per_boot() {
+ let keystore2 = get_keystore_service();
+ let sec_level = keystore2.getSecurityLevel(SecurityLevel::TRUSTED_ENVIRONMENT).unwrap();
+ const MAX_USES_COUNT: i32 = 3;
+
+ let gen_params = authorizations::AuthSetBuilder::new()
+ .no_auth_required()
+ .algorithm(Algorithm::EC)
+ .purpose(KeyPurpose::SIGN)
+ .purpose(KeyPurpose::VERIFY)
+ .digest(Digest::SHA_2_256)
+ .ec_curve(EcCurve::P_256)
+ .attestation_challenge(b"foo".to_vec())
+ .max_uses_per_boot(MAX_USES_COUNT);
+
+ let alias = "ks_test_auth_tags_test";
+ // Generate a key and use the key for `MAX_USES_COUNT` times.
+ let key_metadata = generate_key_and_perform_sign_verify_op_max_times(
+ &sec_level,
+ &gen_params,
+ alias,
+ MAX_USES_COUNT,
+ )
+ .unwrap();
+
+ // Try to use the key one more time.
+ let result = key_generations::map_ks_error(sec_level.createOperation(
+ &key_metadata.key,
+ &authorizations::AuthSetBuilder::new().purpose(KeyPurpose::SIGN).digest(Digest::SHA_2_256),
+ false,
+ ));
+ assert!(result.is_err());
+ assert_eq!(Error::Km(ErrorCode::KEY_MAX_OPS_EXCEEDED), result.unwrap_err());
+ delete_app_key(&keystore2, alias).unwrap();
+}
+
+/// Generate a key with `USAGE_COUNT_LIMIT`. Test should successfully generate
+/// a key and verify the key characteristics. Test should be able to use the key successfully
+/// `MAX_USES_COUNT` times. After exceeding key usage `MAX_USES_COUNT` times
+/// subsequent attempts to use the key in test should fail with response code `KEY_NOT_FOUND`.
+/// Test should also verify that the attest record includes `USAGE_COUNT_LIMIT`.
+#[test]
+fn keystore2_gen_key_auth_usage_count_limit() {
+ let keystore2 = get_keystore_service();
+ let sec_level = keystore2.getSecurityLevel(SecurityLevel::TRUSTED_ENVIRONMENT).unwrap();
+ const MAX_USES_COUNT: i32 = 3;
+
+ let gen_params = authorizations::AuthSetBuilder::new()
+ .no_auth_required()
+ .algorithm(Algorithm::EC)
+ .purpose(KeyPurpose::SIGN)
+ .purpose(KeyPurpose::VERIFY)
+ .digest(Digest::SHA_2_256)
+ .ec_curve(EcCurve::P_256)
+ .attestation_challenge(b"foo".to_vec())
+ .usage_count_limit(MAX_USES_COUNT);
+
+ let alias = "ks_test_auth_tags_test";
+ generate_key_and_perform_op_with_max_usage_limit(
+ &sec_level,
+ &gen_params,
+ alias,
+ MAX_USES_COUNT,
+ true,
+ );
+}
+
+/// Generate a key with `USAGE_COUNT_LIMIT`. Test should successfully generate
+/// a key and verify the key characteristics. Test should be able to use the key successfully
+/// `MAX_USES_COUNT` times. After exceeding key usage `MAX_USES_COUNT` times
+/// subsequent attempts to use the key in test should fail with response code `KEY_NOT_FOUND`.
+/// Test should also verify that the attest record includes `USAGE_COUNT_LIMIT`.
+#[test]
+fn keystore2_gen_key_auth_usage_count_limit_one() {
+ let keystore2 = get_keystore_service();
+ let sec_level = keystore2.getSecurityLevel(SecurityLevel::TRUSTED_ENVIRONMENT).unwrap();
+ const MAX_USES_COUNT: i32 = 1;
+
+ let gen_params = authorizations::AuthSetBuilder::new()
+ .no_auth_required()
+ .algorithm(Algorithm::EC)
+ .purpose(KeyPurpose::SIGN)
+ .purpose(KeyPurpose::VERIFY)
+ .digest(Digest::SHA_2_256)
+ .ec_curve(EcCurve::P_256)
+ .attestation_challenge(b"foo".to_vec())
+ .usage_count_limit(MAX_USES_COUNT);
+
+ let alias = "ks_test_auth_tags_test";
+ generate_key_and_perform_op_with_max_usage_limit(
+ &sec_level,
+ &gen_params,
+ alias,
+ MAX_USES_COUNT,
+ true,
+ );
+}
+
+/// Generate a non-attested key with `USAGE_COUNT_LIMIT`. Test should successfully generate
+/// a key and verify the key characteristics. Test should be able to use the key successfully
+/// `MAX_USES_COUNT` times. After exceeding key usage `MAX_USES_COUNT` times
+/// subsequent attempts to use the key in test should fail with response code `KEY_NOT_FOUND`.
+#[test]
+fn keystore2_gen_non_attested_key_auth_usage_count_limit() {
+ let keystore2 = get_keystore_service();
+ let sec_level = keystore2.getSecurityLevel(SecurityLevel::TRUSTED_ENVIRONMENT).unwrap();
+ const MAX_USES_COUNT: i32 = 2;
+
+ let gen_params = authorizations::AuthSetBuilder::new()
+ .no_auth_required()
+ .algorithm(Algorithm::EC)
+ .purpose(KeyPurpose::SIGN)
+ .purpose(KeyPurpose::VERIFY)
+ .digest(Digest::SHA_2_256)
+ .ec_curve(EcCurve::P_256)
+ .usage_count_limit(MAX_USES_COUNT);
+
+ let alias = "ks_test_auth_tags_test";
+ generate_key_and_perform_op_with_max_usage_limit(
+ &sec_level,
+ &gen_params,
+ alias,
+ MAX_USES_COUNT,
+ false,
+ );
+}
diff --git a/keystore2/tests/keystore2_client_tests.rs b/keystore2/tests/keystore2_client_tests.rs
index 3b6a78c..ac7f19f 100644
--- a/keystore2/tests/keystore2_client_tests.rs
+++ b/keystore2/tests/keystore2_client_tests.rs
@@ -15,6 +15,7 @@
pub mod keystore2_client_3des_key_tests;
pub mod keystore2_client_aes_key_tests;
pub mod keystore2_client_attest_key_tests;
+pub mod keystore2_client_authorizations_tests;
pub mod keystore2_client_delete_key_tests;
pub mod keystore2_client_ec_key_tests;
pub mod keystore2_client_grant_key_tests;