Ensure that test BCC are unique per call
If test mode BCC are repeatable, then the test CSR API becomes a
unique device id.
Bug: 192687735
Test: VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I85888173c7cfbcd26287a0258917e04b0ace0888
Merged-In: I85888173c7cfbcd26287a0258917e04b0ace0888
diff --git a/android_keymaster/android_keymaster.cpp b/android_keymaster/android_keymaster.cpp
index 34c4b18..5ab4c1c 100644
--- a/android_keymaster/android_keymaster.cpp
+++ b/android_keymaster/android_keymaster.cpp
@@ -421,7 +421,7 @@
std::vector<uint8_t> devicePrivKey;
cppbor::Array bcc;
if (request.test_mode) {
- std::tie(devicePrivKey, bcc) = rem_prov_ctx->GenerateBcc();
+ std::tie(devicePrivKey, bcc) = rem_prov_ctx->GenerateBcc(/*testMode=*/true);
} else {
devicePrivKey = rem_prov_ctx->devicePrivKey_;
auto clone = rem_prov_ctx->bcc_.clone();
diff --git a/contexts/pure_soft_remote_provisioning_context.cpp b/contexts/pure_soft_remote_provisioning_context.cpp
index e79a856..a943f42 100644
--- a/contexts/pure_soft_remote_provisioning_context.cpp
+++ b/contexts/pure_soft_remote_provisioning_context.cpp
@@ -25,6 +25,7 @@
#include <openssl/bn.h>
#include <openssl/ec.h>
#include <openssl/hkdf.h>
+#include <openssl/rand.h>
namespace keymaster {
@@ -38,7 +39,7 @@
constexpr uint32_t kMacKeyLength = 32;
PureSoftRemoteProvisioningContext::PureSoftRemoteProvisioningContext() {
- std::tie(devicePrivKey_, bcc_) = GenerateBcc();
+ std::tie(devicePrivKey_, bcc_) = GenerateBcc(/*testMode=*/false);
}
PureSoftRemoteProvisioningContext::~PureSoftRemoteProvisioningContext() {}
@@ -84,13 +85,17 @@
}
std::pair<std::vector<uint8_t> /* privKey */, cppbor::Array /* BCC */>
-PureSoftRemoteProvisioningContext::GenerateBcc() const {
+PureSoftRemoteProvisioningContext::GenerateBcc(bool testMode) const {
std::vector<uint8_t> privKey(ED25519_PRIVATE_KEY_LEN);
std::vector<uint8_t> pubKey(ED25519_PUBLIC_KEY_LEN);
uint8_t seed[32]; // Length is hard-coded in the BoringCrypto API
- auto seed_vector = DeriveBytesFromHbk("Device Key Seed", sizeof(seed));
- std::copy(seed_vector.begin(), seed_vector.end(), seed);
+ if (testMode) {
+ RAND_bytes(seed, sizeof(seed));
+ } else {
+ auto seed_vector = DeriveBytesFromHbk("Device Key Seed", sizeof(seed));
+ std::copy(seed_vector.begin(), seed_vector.end(), seed);
+ }
ED25519_keypair_from_seed(pubKey.data(), privKey.data(), seed);
auto coseKey = cppbor::Map()
diff --git a/include/keymaster/contexts/pure_soft_remote_provisioning_context.h b/include/keymaster/contexts/pure_soft_remote_provisioning_context.h
index 98baa0a..307795b 100644
--- a/include/keymaster/contexts/pure_soft_remote_provisioning_context.h
+++ b/include/keymaster/contexts/pure_soft_remote_provisioning_context.h
@@ -32,7 +32,7 @@
std::vector<uint8_t> DeriveBytesFromHbk(const std::string& context,
size_t numBytes) const override;
std::unique_ptr<cppbor::Map> CreateDeviceInfo() const override;
- std::pair<std::vector<uint8_t>, cppbor::Array> GenerateBcc() const override;
+ std::pair<std::vector<uint8_t>, cppbor::Array> GenerateBcc(bool testMode) const override;
std::optional<cppcose::HmacSha256>
GenerateHmacSha256(const cppcose::bytevec& input) const override;
};
diff --git a/include/keymaster/remote_provisioning_context.h b/include/keymaster/remote_provisioning_context.h
index 656a1e6..a5c4d1d 100644
--- a/include/keymaster/remote_provisioning_context.h
+++ b/include/keymaster/remote_provisioning_context.h
@@ -34,7 +34,7 @@
virtual std::vector<uint8_t> DeriveBytesFromHbk(const std::string& context,
size_t numBytes) const = 0;
virtual std::unique_ptr<cppbor::Map> CreateDeviceInfo() const = 0;
- virtual std::pair<std::vector<uint8_t>, cppbor::Array> GenerateBcc() const = 0;
+ virtual std::pair<std::vector<uint8_t>, cppbor::Array> GenerateBcc(bool testMode) const = 0;
// Generate an HMAC-SHA256 over the given input. This is used to verify a given
// input hasn't changed across multiple calls to the remote provisioning HAL.