authorTreehugger Robot <android-test-infra-autosubmit@system.gserviceaccount.com>2023-06-13 04:44:45 +0000
committerAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>2023-06-13 04:44:45 +0000
commit869fccddd9db714624446aff2828b2a3e568d617 (patch)
tree4960324b7440aa81b113a1b9ef597b3ef541960c
parent78d750f9e6792ea1c9d25749f50aa558d82bc265 (diff)
parent48b8ca8dca6f27611a21b5bf90de82f45c0317fc (diff)
Merge "Deprecate IRPC test mode key generation in V3." am: a19382bfaa am: 837bd68238 am: 728d37d6ab am: eabe7413ae am: f4fbd8e0ca am: 48b8ca8dca
Original change: https://android-review.googlesource.com/c/platform/external/libese/+/2615692 Change-Id: Ia6fb0db85dd76354d8c636c689bc9557c527b541 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
-rw-r--r--ready_se/google/keymint/KM300/Applet/src/com/android/javacard/keymaster/KMCose.java27
-rw-r--r--ready_se/google/keymint/KM300/Applet/src/com/android/javacard/keymaster/KMKeymasterApplet.java3
-rw-r--r--ready_se/google/keymint/KM300/Applet/src/com/android/javacard/keymaster/KMRemotelyProvisionedComponentDevice.java53
-rw-r--r--ready_se/google/keymint/KM300/HAL/JavacardRemotelyProvisionedComponentDevice.cpp7
4 files changed, 21 insertions, 69 deletions
diff --git a/ready_se/google/keymint/KM300/Applet/src/com/android/javacard/keymaster/KMCose.java b/ready_se/google/keymint/KM300/Applet/src/com/android/javacard/keymaster/KMCose.java
index bcfb5f8..2854a71 100644
--- a/ready_se/google/keymint/KM300/Applet/src/com/android/javacard/keymaster/KMCose.java
+++ b/ready_se/google/keymint/KM300/Applet/src/com/android/javacard/keymaster/KMCose.java
@@ -250,11 +250,9 @@ public class KMCose {
* Constructs array based on the tag values provided.
*
* @param tag array of tag values to be constructed.
- * @param includeTestMode flag which indicates if TEST_COSE_KEY should be included or not.
* @return instance of KMArray.
*/
- private static short handleCosePairTags(
- short[] tag, short[] keyValues, short valueIndex, boolean includeTestMode) {
+ private static short handleCosePairTags(short[] tag, short[] keyValues, short valueIndex) {
short index = 0;
// var is used to calculate the length of the array.
short var = 0;
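Review bot: The Javadoc above `handleCosePairTags` now documents only `tag`, although the new signature still takes `keyValues` and `valueIndex`. Add `@param keyValues` and `@param valueIndex` lines that say what the buffer holds and where in it the values begin. The body continues outside this hunk, so the wording should be checked against the loop that reads `keyValues`.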
@@ -268,7 +266,6 @@ public class KMCose {
}
index++;
}
- var += includeTestMode ? 1 : 0;
short arrPtr = KMArray.instance(var);
index = 0;
// var is used to index the array.
@@ -322,7 +319,7 @@ public class KMCose {
for (short i = 4; i < 8; i++) {
buff[i] = KMType.INVALID_VALUE;
}
- short ptr = handleCosePairTags(COSE_HEADER_LABELS, buff, (short) 4, false);
+ short ptr = handleCosePairTags(COSE_HEADER_LABELS, buff, (short) 4);
ptr = KMCoseHeaders.instance(ptr);
KMCoseHeaders.cast(ptr).canonicalize();
return ptr;
@@ -373,7 +370,6 @@ public class KMCose {
* @param pubKeyOff Start offset of the buffer.
* @param pubKeyLen Length of the public key.
* @param privKeyPtr Instance of the private key.
- * @param testMode Represents if key is used in test mode or production mode.
* @return Instance of the CoseKey structure.
*/
public static short constructCoseKey(
@@ -385,8 +381,7 @@ public class KMCose {
byte[] pubKey,
short pubKeyOff,
short pubKeyLen,
- short privKeyPtr,
- boolean testMode) {
+ short privKeyPtr) {
if (pubKey[pubKeyOff] == 0x04) { // uncompressed format
pubKeyOff += 1;
pubKeyLen -= 1;
@@ -394,8 +389,7 @@ public class KMCose {
pubKeyLen = (short) (pubKeyLen / 2);
short xPtr = KMByteBlob.instance(pubKey, pubKeyOff, pubKeyLen);
short yPtr = KMByteBlob.instance(pubKey, (short) (pubKeyOff + pubKeyLen), pubKeyLen);
- short coseKey =
- constructCoseKey(buff, keyType, keyId, keyAlg, curve, xPtr, yPtr, privKeyPtr, testMode);
+ short coseKey = constructCoseKey(buff, keyType, keyId, keyAlg, curve, xPtr, yPtr, privKeyPtr);
KMCoseKey.cast(coseKey).canonicalize();
return coseKey;
}
@@ -411,7 +405,6 @@ public class KMCose {
* @param pubX instance of KMByteBlob which holds EC public key's x value.
* @param pubY instance of KMByteBlob which holds EC public key's y value.
* @param priv instance of KMByteBlob which holds EC private value.
- * @param includeTestKey flag which identifies whether to construct test key or production key.
* @return instance of the KMCoseKey object.
*/
public static short constructCoseKey(
@@ -422,8 +415,7 @@ public class KMCose {
short curve,
short pubX,
short pubY,
- short priv,
- boolean includeTestKey) {
+ short priv) {
short valueIndex = 7;
buff[0] = keyType;
buff[1] = keyId;
@@ -435,14 +427,7 @@ public class KMCose {
for (short i = valueIndex; i < 16; i++) {
buff[i] = KMType.INVALID_VALUE;
}
- short arrPtr = handleCosePairTags(COSE_KEY_LABELS, buff, valueIndex, includeTestKey);
- if (includeTestKey) {
- short testKey =
- KMCosePairSimpleValueTag.instance(
- KMNInteger.uint_32(KMCose.COSE_TEST_KEY, (short) 0),
- KMSimpleValue.instance(KMSimpleValue.NULL));
- KMArray.cast(arrPtr).add((short) (KMArray.cast(arrPtr).length() - 1), testKey);
- }
+ short arrPtr = handleCosePairTags(COSE_KEY_LABELS, buff, valueIndex);
arrPtr = KMCoseKey.instance(arrPtr);
KMCoseKey.cast(arrPtr).canonicalize();
return arrPtr;
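Review bot: `KMCose.COSE_TEST_KEY` is no longer added by `constructCoseKey`, but this hunk does not show whether the label is still accepted when a COSE_Key is parsed. If a decoding path still recognises it, a test-marked key could keep being treated as well formed after test-mode generation is gone. It is worth confirming that path rejects the label, or documenting why it stays. A comment at the `handleCosePairTags` call such as `// Test-mode keys are no longer produced; COSE_TEST_KEY is never added.` would record the intent. The method starts outside the hunk.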
diff --git a/ready_se/google/keymint/KM300/Applet/src/com/android/javacard/keymaster/KMKeymasterApplet.java b/ready_se/google/keymint/KM300/Applet/src/com/android/javacard/keymaster/KMKeymasterApplet.java
index 4a6acee..04fadea 100644
--- a/ready_se/google/keymint/KM300/Applet/src/com/android/javacard/keymaster/KMKeymasterApplet.java
+++ b/ready_se/google/keymint/KM300/Applet/src/com/android/javacard/keymaster/KMKeymasterApplet.java
@@ -1153,8 +1153,7 @@ public class KMKeymasterApplet extends Applet implements AppletEvent, ExtendedLe
scratchPad,
(short) 0,
temp,
- KMType.INVALID_VALUE,
- false);
+ KMType.INVALID_VALUE);
temp =
KMKeymasterApplet.encodeToApduBuffer(
coseKey, scratchPad, (short) 0, KMKeymasterApplet.MAX_COSE_BUF_SIZE);
diff --git a/ready_se/google/keymint/KM300/Applet/src/com/android/javacard/keymaster/KMRemotelyProvisionedComponentDevice.java b/ready_se/google/keymint/KM300/Applet/src/com/android/javacard/keymaster/KMRemotelyProvisionedComponentDevice.java
index da6d518..612bfcd 100644
--- a/ready_se/google/keymint/KM300/Applet/src/com/android/javacard/keymaster/KMRemotelyProvisionedComponentDevice.java
+++ b/ready_se/google/keymint/KM300/Applet/src/com/android/javacard/keymaster/KMRemotelyProvisionedComponentDevice.java
@@ -300,19 +300,13 @@ public class KMRemotelyProvisionedComponentDevice {
* blob. It then generates a COSEMac message which includes the ECDSA public key.
*/
public void processGenerateRkpKey(APDU apdu) {
- short arr = KMArray.instance((short) 1);
- KMArray.cast(arr).add((short) 0, KMSimpleValue.exp());
- arr = KMKeymasterApplet.receiveIncoming(apdu, arr);
// Re-purpose the apdu buffer as scratch pad.
byte[] scratchPad = apdu.getBuffer();
- // test mode flag.
- boolean testMode =
- (KMSimpleValue.TRUE == KMSimpleValue.cast(KMArray.cast(arr).get((short) 0)).getValue());
KMKeymasterApplet.generateRkpKey(scratchPad, getEcAttestKeyParameters());
short pubKey = KMKeymasterApplet.getPubKey();
- short coseMac0 = constructCoseMacForRkpKey(testMode, scratchPad, pubKey);
+ short coseMac0 = constructCoseMacForRkpKey(scratchPad, pubKey);
// Encode the COSE_MAC0 object
- arr = KMArray.instance((short) 3);
+ short arr = KMArray.instance((short) 3);
KMArray.cast(arr).add((short) 0, KMInteger.uint_16(KMError.OK));
KMArray.cast(arr).add((short) 1, coseMac0);
KMArray.cast(arr).add((short) 2, KMKeymasterApplet.getPivateKey());
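Review bot: `processGenerateRkpKey` no longer calls `KMKeymasterApplet.receiveIncoming`, so any command data sent with this instruction is never parsed and the APDU buffer is reused as scratch space straight away. A HAL built before this change still sends a one-element array carrying the test-mode flag. With the new code the applet appears to ignore that flag and return a key MACed with the stored RKP key rather than an error, which leaves the refusal of test mode to the HAL alone. Consider rejecting a non-empty request body in the applet, or at least stating the contract with a comment such as `// No request payload is expected; test mode is refused by the HAL before this command is sent.` Whether the instruction dispatcher already validates the payload is not visible in this hunk.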
@@ -878,8 +872,7 @@ public class KMRemotelyProvisionedComponentDevice {
KMKeymasterApplet.encodeToApduBuffer(
macStructure, scratchPad, (short) 0, KMKeymasterApplet.MAX_COSE_BUF_SIZE);
- short hmacLen =
- rkpHmacSign(testMode, scratchPad, (short) 0, encodedLen, scratchPad, encodedLen);
+ short hmacLen = rkpHmacSign(scratchPad, (short) 0, encodedLen, scratchPad, encodedLen);
if (hmacLen
!= KMByteBlob.cast(KMArray.cast(coseMacPtr).get(KMCose.COSE_MAC0_TAG_OFFSET)).length()) {
@@ -1212,7 +1205,7 @@ public class KMRemotelyProvisionedComponentDevice {
return lengthToSend;
}
- private short constructCoseMacForRkpKey(boolean testMode, byte[] scratchPad, short pubKey) {
+ private short constructCoseMacForRkpKey(byte[] scratchPad, short pubKey) {
// prepare cosekey
short coseKey =
KMCose.constructCoseKey(
@@ -1224,8 +1217,7 @@ public class KMRemotelyProvisionedComponentDevice {
KMByteBlob.cast(pubKey).getBuffer(),
KMByteBlob.cast(pubKey).getStartOff(),
KMByteBlob.cast(pubKey).length(),
- KMType.INVALID_VALUE,
- testMode);
+ KMType.INVALID_VALUE);
// Encode the cose key and make it as payload.
short len =
KMKeymasterApplet.encodeToApduBuffer(
@@ -1252,7 +1244,7 @@ public class KMRemotelyProvisionedComponentDevice {
KMKeymasterApplet.encodeToApduBuffer(
macStructure, scratchPad, (short) 0, KMKeymasterApplet.MAX_COSE_BUF_SIZE);
// HMAC Sign.
- short hmacLen = rkpHmacSign(testMode, scratchPad, (short) 0, len, scratchPad, len);
+ short hmacLen = rkpHmacSign(scratchPad, (short) 0, len, scratchPad, len);
// Create COSE_MAC0 object
short coseMac0 =
KMCose.constructCoseMac0(
@@ -1362,35 +1354,10 @@ public class KMRemotelyProvisionedComponentDevice {
}
private short rkpHmacSign(
- boolean testMode,
- byte[] data,
- short dataStart,
- short dataLength,
- byte[] signature,
- short signatureStart) {
- short result;
- if (testMode) {
- short macKey = KMByteBlob.instance(EPHEMERAL_MAC_KEY_SIZE);
- Util.arrayFillNonAtomic(
- KMByteBlob.cast(macKey).getBuffer(),
- KMByteBlob.cast(macKey).getStartOff(),
- EPHEMERAL_MAC_KEY_SIZE,
- (byte) 0);
- result =
- seProvider.hmacSign(
- KMByteBlob.cast(macKey).getBuffer(),
- KMByteBlob.cast(macKey).getStartOff(),
- EPHEMERAL_MAC_KEY_SIZE,
- data,
- dataStart,
- dataLength,
- signature,
- signatureStart);
- } else {
- result =
- seProvider.hmacSign(
- storeDataInst.getRkpMacKey(), data, dataStart, dataLength, signature, signatureStart);
- }
+ byte[] data, short dataStart, short dataLength, byte[] signature, short signatureStart) {
+ short result =
+ seProvider.hmacSign(
+ storeDataInst.getRkpMacKey(), data, dataStart, dataLength, signature, signatureStart);
return result;
}
}
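Review bot: `rkpHmacSign` has no doc comment, and its contract is now simple enough to state: it always signs with `storeDataInst.getRkpMacKey()`, with no zero-key test path left. Add a Javadoc saying that the MAC is written into `signature` at `signatureStart`, that callers may pass the same buffer for input and output (as in `rkpHmacSign(scratchPad, (short) 0, len, scratchPad, len)`), and that the return value appears to be the MAC length. The temporary is also unnecessary; `return seProvider.hmacSign(storeDataInst.getRkpMacKey(), data, dataStart, dataLength, signature, signatureStart);` reads more directly.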
diff --git a/ready_se/google/keymint/KM300/HAL/JavacardRemotelyProvisionedComponentDevice.cpp b/ready_se/google/keymint/KM300/HAL/JavacardRemotelyProvisionedComponentDevice.cpp
index c79889f..a6e46bf 100644
--- a/ready_se/google/keymint/KM300/HAL/JavacardRemotelyProvisionedComponentDevice.cpp
+++ b/ready_se/google/keymint/KM300/HAL/JavacardRemotelyProvisionedComponentDevice.cpp
@@ -115,9 +115,10 @@ ScopedAStatus JavacardRemotelyProvisionedComponentDevice::getHardwareInfo(RpcHar
ScopedAStatus JavacardRemotelyProvisionedComponentDevice::generateEcdsaP256KeyPair(
bool testMode, MacedPublicKey* macedPublicKey, std::vector<uint8_t>* privateKeyHandle) {
- cppbor::Array array;
- array.add(testMode);
- auto [item, err] = card_->sendRequest(Instruction::INS_GENERATE_RKP_KEY_CMD, array);
+ if (testMode) {
+ return km_utils::kmError2ScopedAStatus(static_cast<keymaster_error_t>(STATUS_REMOVED));
+ }
+ auto [item, err] = card_->sendRequest(Instruction::INS_GENERATE_RKP_KEY_CMD);
if (err != KM_ERROR_OK) {
LOG(ERROR) << "Error in sending generateEcdsaP256KeyPair.";
return km_utils::kmError2ScopedAStatus(translateRkpErrorCode(err));
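Review bot: The test-mode refusal casts `STATUS_REMOVED` to `keymaster_error_t` and sends it through `km_utils::kmError2ScopedAStatus`, whereas the send-failure path just below uses `translateRkpErrorCode(err)`. `STATUS_REMOVED` is a remote-provisioning status rather than a keymaster error, so callers only see the right service-specific code if that helper passes the integer through unchanged. The helper is not visible here and should be checked. The early return is also silent, unlike the failure path; a line such as `LOG(ERROR) << "generateEcdsaP256KeyPair: test mode is no longer supported.";` before the return would make the refusal visible in logs. The function body continues past the end of the hunk.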