NIAP: Log key integrity failure to audit log.
Logs key integrity violation in two cases:
1. software-detected corruption of key blob.
2. keymaster operation returning INVALID_KEY_BLOB
Changed AES_gcm_decrypt to return VALUE_CORRUPTED on decryption errors
to be consistent with digest check for older version blob.
Bug: 70886042
Test: manual, by patching some bytes in the blob.
Test: cts-tradefed run cts -m CtsKeystoreTestCases
Change-Id: Ic8f6b7a2a49aee01253b429644af409e568d7deb
diff --git a/keystore/keystore_utils.cpp b/keystore/keystore_utils.cpp
index 3da3791..e5ae29a 100644
--- a/keystore/keystore_utils.cpp
+++ b/keystore/keystore_utils.cpp
@@ -24,6 +24,9 @@
#include <cutils/log.h>
#include <private/android_filesystem_config.h>
+#include <private/android_logger.h>
+
+#include <log/log_event_list.h>
#include <keystore/keymaster_types.h>
#include <keystore/keystore_client.h>
@@ -95,6 +98,12 @@
return uid / AID_USER;
}
+void log_key_integrity_violation(const char* name, uid_t uid) {
+ if (!__android_log_security()) return;
+ android_log_event_list(SEC_TAG_KEY_INTEGRITY_VIOLATION)
+ << name << int32_t(uid) << LOG_ID_SECURITY;
+}
+
namespace keystore {
hidl_vec<uint8_t> blob2hidlVec(const Blob& blob) {
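Review bot: The audit write in `log_key_integrity_violation` is fire-and-forget: the result of streaming `LOG_ID_SECURITY` into the event list is discarded, so a key-integrity event that fails to reach the security log leaves no trace anywhere. Since this record exists for audit purposes, consider keeping the list in a named local and emitting an `ALOGE` when the write reports an error (if the list class exposes its write status), so the loss at least shows up in the main log. The function also lacks a comment; something like `// Emits SEC_TAG_KEY_INTEGRITY_VIOLATION (key name, owner uid) to the security log; no-op unless security logging is enabled.` would make the early return and the payload explicit. The callers are outside this hunk, so it is worth confirming that `name` is always the stored key alias and never null, because it is copied as-is into the audit record.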