Gitiles
Code Review Sign In
review.blissroms.org / platform_hardware_interfaces / 41cb84029ae02e5836d20a12de7778d70ea3a3da
commit41cb84029ae02e5836d20a12de7778d70ea3a3da[log] [tgz]
authorMatthew Maurer <mmaurer@google.com>Fri May 10 13:52:03 2019 -0700
committerMatthew Maurer <mmaurer@google.com>Fri May 10 14:27:53 2019 -0700
tree03e010b92c8155e13e965bcd961b32fd620e9ec8
parent48f0efb302d486600f6a4b3e3bcc61ac6088df81 [diff]
Use SHA_2_256 for importWrappedKey

The spec requires that SHA1 not be allowed for wrapped keys and that
only SHA_2_256 be used. Unfortunately, the previous VTS required SHA1
support. This patch takes the middle ground by requiring SHA_2_256 be
supported for importWrappedKey, but not disallowing it from supporting
SHA1.

This makes it possible for a spec compliant keymaster to pass VTS
while not disqualifying shipped devices.

Bug: 129291873
Test: atest VtsHalKeymasterV4_0TargetTest:ImportWrappedKeyTest, Trusty
Change-Id: I6c3a9182b51f2e7a46173d5bfc34d3c3264d954f
1 file changed
tree: 03e010b92c8155e13e965bcd961b32fd620e9ec8
  1. atrace/
  2. audio/
  3. authsecret/
  4. automotive/
  5. biometrics/
  6. bluetooth/
  7. boot/
  8. broadcastradio/
  9. camera/
  10. cas/
  11. compatibility_matrices/
  12. configstore/
  13. confirmationui/
  14. contexthub/
  15. drm/
  16. dumpstate/
  17. fastboot/
  18. gatekeeper/
  19. gnss/
  20. graphics/
  21. health/
  22. ir/
  23. keymaster/
  24. light/
  25. media/
  26. memtrack/
  27. neuralnetworks/
  28. nfc/
  29. oemlock/
  30. power/
  31. prebuilt_hashes/
  32. radio/
  33. renderscript/
  34. secure_element/
  35. sensors/
  36. soundtrigger/
  37. tests/
  38. tetheroffload/
  39. thermal/
  40. tv/
  41. usb/
  42. vibrator/
  43. vr/
  44. weaver/
  45. wifi/
  46. .clang-format ⇨ ../../build/soong/scripts/system-clang-format
  47. Android.bp
  48. CleanSpec.mk
  49. current.txt
  50. MODULE_LICENSE_APACHE2
  51. NOTICE
  52. OWNERS
  53. PREUPLOAD.cfg
  54. update-base-files.sh
  55. update-makefiles.sh