Add uniqueId to IRemotelyProvisionedComponent
This id is used to differentiate between implementations of the
IRemotelyProvisionedComponent interface. This is required to track
certificates and keys for each implementation. Without an implementation
id, we would have no way to associate persisted, remote provisioning
data with the appropriate IRemotelyProvisionedComponent.
Include VTS tests for compliance.
Test: VtsHalRemotelyProvisionedComponentTargetTest
Bug: 194696876
Change-Id: Id8bca26d71ecf9e389e68a269f782a9dc5ee6f01
diff --git a/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/RpcHardwareInfo.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/RpcHardwareInfo.aidl
index 06bce19..5ff45f8 100644
--- a/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/RpcHardwareInfo.aidl
+++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/RpcHardwareInfo.aidl
@@ -38,6 +38,7 @@
int versionNumber;
@utf8InCpp String rpcAuthorName;
int supportedEekCurve = 0;
+ @nullable @utf8InCpp String uniqueId;
const int CURVE_NONE = 0;
const int CURVE_P256 = 1;
const int CURVE_25519 = 2;
diff --git a/security/keymint/aidl/android/hardware/security/keymint/RpcHardwareInfo.aidl b/security/keymint/aidl/android/hardware/security/keymint/RpcHardwareInfo.aidl
index d297f87..3a4c233 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/RpcHardwareInfo.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/RpcHardwareInfo.aidl
@@ -53,4 +53,21 @@
* a passing implementation does not provide CURVE_NONE.
*/
int supportedEekCurve = CURVE_NONE;
+
+ /**
+ * uniqueId is an opaque identifier for this IRemotelyProvisionedComponent implementation. The
+ * client should NOT interpret the content of the identifier in any way. The client can only
+ * compare identifiers to determine if two IRemotelyProvisionedComponents share the same
+ * implementation. Each IRemotelyProvisionedComponent implementation must have a distinct
+ * identifier from all other implementations on the same device.
+ *
+ * This identifier must be consistent across reboots, as it is used to store and track
+ * provisioned keys in a persistent, on-device database.
+ *
+ * uniqueId may not be empty, and must not be any longer than 32 characters.
+ *
+ * This field was added in API version 2.
+ *
+ */
+ @nullable @utf8InCpp String uniqueId;
}
diff --git a/security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp b/security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp
index c9d506f..829780d 100644
--- a/security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp
+++ b/security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp
@@ -20,6 +20,7 @@
#include <aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.h>
#include <aidl/android/hardware/security/keymint/SecurityLevel.h>
#include <android/binder_manager.h>
+#include <binder/IServiceManager.h>
#include <cppbor_parse.h>
#include <gmock/gmock.h>
#include <keymaster/cppcose/cppcose.h>
@@ -29,6 +30,7 @@
#include <openssl/ec_key.h>
#include <openssl/x509.h>
#include <remote_prov/remote_prov_utils.h>
+#include <set>
#include <vector>
#include "KeyMintAidlTestBase.h"
@@ -40,6 +42,8 @@
namespace {
+constexpr int32_t VERSION_WITH_UNIQUE_ID_SUPPORT = 2;
+
#define INSTANTIATE_REM_PROV_AIDL_TEST(name) \
GTEST_ALLOW_UNINSTANTIATED_PARAMETERIZED_TEST(name); \
INSTANTIATE_TEST_SUITE_P( \
@@ -47,6 +51,7 @@
testing::ValuesIn(VtsRemotelyProvisionedComponentTests::build_params()), \
::android::PrintInstanceNameToString)
+using ::android::sp;
using bytevec = std::vector<uint8_t>;
using testing::MatchesRegex;
using namespace remote_prov;
@@ -175,6 +180,67 @@
std::shared_ptr<IRemotelyProvisionedComponent> provisionable_;
};
+/**
+ * Verify that every implementation reports a different unique id.
+ */
+TEST(NonParameterizedTests, eachRpcHasAUniqueId) {
+ std::set<std::string> uniqueIds;
+ for (auto hal : ::android::getAidlHalInstanceNames(IRemotelyProvisionedComponent::descriptor)) {
+ ASSERT_TRUE(AServiceManager_isDeclared(hal.c_str()));
+ ::ndk::SpAIBinder binder(AServiceManager_waitForService(hal.c_str()));
+ std::shared_ptr<IRemotelyProvisionedComponent> rpc =
+ IRemotelyProvisionedComponent::fromBinder(binder);
+ ASSERT_NE(rpc, nullptr);
+
+ RpcHardwareInfo hwInfo;
+ ASSERT_TRUE(rpc->getHardwareInfo(&hwInfo).isOk());
+
+ int32_t version;
+ ASSERT_TRUE(rpc->getInterfaceVersion(&version).isOk());
+ if (version >= VERSION_WITH_UNIQUE_ID_SUPPORT) {
+ ASSERT_TRUE(hwInfo.uniqueId);
+ auto [_, wasInserted] = uniqueIds.insert(*hwInfo.uniqueId);
+ EXPECT_TRUE(wasInserted);
+ } else {
+ ASSERT_FALSE(hwInfo.uniqueId);
+ }
+ }
+}
+
+using GetHardwareInfoTests = VtsRemotelyProvisionedComponentTests;
+
+INSTANTIATE_REM_PROV_AIDL_TEST(GetHardwareInfoTests);
+
+/**
+ * Verify that a valid curve is reported by the implementation.
+ */
+TEST_P(GetHardwareInfoTests, supportsValidCurve) {
+ RpcHardwareInfo hwInfo;
+ ASSERT_TRUE(provisionable_->getHardwareInfo(&hwInfo).isOk());
+
+ const std::set<int> validCurves = {RpcHardwareInfo::CURVE_P256, RpcHardwareInfo::CURVE_25519};
+ ASSERT_EQ(validCurves.count(hwInfo.supportedEekCurve), 1)
+ << "Invalid curve: " << hwInfo.supportedEekCurve;
+}
+
+/**
+ * Verify that the unique id is within the length limits as described in RpcHardwareInfo.aidl.
+ */
+TEST_P(GetHardwareInfoTests, uniqueId) {
+ int32_t version;
+ ASSERT_TRUE(provisionable_->getInterfaceVersion(&version).isOk());
+
+ if (version < VERSION_WITH_UNIQUE_ID_SUPPORT) {
+ return;
+ }
+
+ RpcHardwareInfo hwInfo;
+ ASSERT_TRUE(provisionable_->getHardwareInfo(&hwInfo).isOk());
+ ASSERT_TRUE(hwInfo.uniqueId);
+ EXPECT_GE(hwInfo.uniqueId->size(), 1);
+ EXPECT_LE(hwInfo.uniqueId->size(), 32);
+}
+
using GenerateKeyTests = VtsRemotelyProvisionedComponentTests;
INSTANTIATE_REM_PROV_AIDL_TEST(GenerateKeyTests);
