From b745540445da1dc1e56d316c425da9ab8b418cf5 Mon Sep 17 00:00:00 2001
From: Pavel Grafov
Date: Tue, 30 Jan 2018 21:17:08 +0000
Subject: [PATCH] Run and log BoringSSL self-test for NIAP compliance.

Bug: 70886042
Test: manual, using "adb shell su system logcat -b security"
Change-Id: I46f243838e2fb432995c7c89e4279d36a4788678
---
 api/current.txt | 1 +
 api/system-current.txt | 2 +-
 core/java/android/app/admin/SecurityLog.java | 10 +++++
 .../android/app/admin/SecurityLogTags.logtags | 3 +-
 services/core/jni/Android.bp | 1 +
 ...d_server_devicepolicy_CryptoTestHelper.cpp | 42 +++++++++++++++++++
 services/core/jni/onload.cpp | 2 +
 .../server/devicepolicy/CryptoTestHelper.java | 30 +++++++++++++
 .../DevicePolicyManagerService.java | 5 +++
 .../DevicePolicyManagerServiceTestable.java | 3 ++
 10 files changed, 97 insertions(+), 2 deletions(-)
 create mode 100644 services/core/jni/com_android_server_devicepolicy_CryptoTestHelper.cpp
 create mode 100644 services/devicepolicy/java/com/android/server/devicepolicy/CryptoTestHelper.java

diff --git a/api/current.txt b/api/current.txt
index c03798f08fc9f..d121b69d18ee9 100644
--- a/api/current.txt
+++ b/api/current.txt
@@ -6739,6 +6739,7 @@ package android.app.admin {
 field public static final int TAG_APP_PROCESS_START = 210005; // 0x33455
 field public static final int TAG_CERT_AUTHORITY_INSTALLED = 210029; // 0x3346d
 field public static final int TAG_CERT_AUTHORITY_REMOVED = 210030; // 0x3346e
+ field public static final int TAG_CRYPTO_SELF_TEST_COMPLETED = 210031; // 0x3346f
 field public static final int TAG_KEYGUARD_DISABLED_FEATURES_SET = 210021; // 0x33465
 field public static final int TAG_KEYGUARD_DISMISSED = 210006; // 0x33456
 field public static final int TAG_KEYGUARD_DISMISS_AUTH_ATTEMPT = 210007; // 0x33457
diff --git a/api/system-current.txt b/api/system-current.txt
index 2d3b65a19b262..a68aad3955f89 100644
--- a/api/system-current.txt
+++ b/api/system-current.txt
@@ -30,8 +30,8 @@ package android {
 field public static final java.lang.String BIND_RUNTIME_PERMISSION_PRESENTER_SERVICE = "android.permission.BIND_RUNTIME_PERMISSION_PRESENTER_SERVICE";
 field public static final java.lang.String BIND_SETTINGS_SUGGESTIONS_SERVICE = "android.permission.BIND_SETTINGS_SUGGESTIONS_SERVICE";
 field public static final java.lang.String BIND_TELEPHONY_DATA_SERVICE = "android.permission.BIND_TELEPHONY_DATA_SERVICE";
- field public static final java.lang.String BIND_TEXTCLASSIFIER_SERVICE = "android.permission.BIND_TEXTCLASSIFIER_SERVICE";
 field public static final java.lang.String BIND_TELEPHONY_NETWORK_SERVICE = "android.permission.BIND_TELEPHONY_NETWORK_SERVICE";
+ field public static final java.lang.String BIND_TEXTCLASSIFIER_SERVICE = "android.permission.BIND_TEXTCLASSIFIER_SERVICE";
 field public static final java.lang.String BIND_TRUST_AGENT = "android.permission.BIND_TRUST_AGENT";
 field public static final java.lang.String BIND_TV_REMOTE_SERVICE = "android.permission.BIND_TV_REMOTE_SERVICE";
 field public static final java.lang.String BLUETOOTH_PRIVILEGED = "android.permission.BLUETOOTH_PRIVILEGED";
diff --git a/core/java/android/app/admin/SecurityLog.java b/core/java/android/app/admin/SecurityLog.java
index 08effd9c148aa..202b89496007d 100644
--- a/core/java/android/app/admin/SecurityLog.java
+++ b/core/java/android/app/admin/SecurityLog.java
@@ -77,6 +77,7 @@ public class SecurityLog {
 TAG_KEY_DESTRUCTION,
 TAG_CERT_AUTHORITY_INSTALLED,
 TAG_CERT_AUTHORITY_REMOVED,
+ TAG_CRYPTO_SELF_TEST_COMPLETED,
 })
 public @interface SecurityLogTag {}
@@ -399,6 +400,14 @@ public class SecurityLog {
 public static final int TAG_USER_RESTRICTION_REMOVED =
 SecurityLogTags.SECURITY_USER_RESTRICTION_REMOVED;
+ /**
+ * Indicates that cryptographic functionality self test has completed. The log entry contains an
+ * {@code Integer} payload, indicating the result of the test (0 if the test failed, 1 if
+ * succeeded) and accessible via {@link SecurityEvent#getData()}.
+ */
+ public static final int TAG_CRYPTO_SELF_TEST_COMPLETED =
+ SecurityLogTags.SECURITY_CRYPTO_SELF_TEST_COMPLETED;
+
 /**
 * Event severity level indicating that the event corresponds to normal workflow.
 */
@@ -529,6 +538,7 @@ public class SecurityLog {
 case TAG_USER_RESTRICTION_REMOVED:
 return LEVEL_INFO;
 case TAG_CERT_AUTHORITY_REMOVED:
+ case TAG_CRYPTO_SELF_TEST_COMPLETED:
 return getSuccess() ? LEVEL_INFO : LEVEL_ERROR;
 case TAG_CERT_AUTHORITY_INSTALLED:
 case TAG_KEYGUARD_DISMISS_AUTH_ATTEMPT:
diff --git a/core/java/android/app/admin/SecurityLogTags.logtags b/core/java/android/app/admin/SecurityLogTags.logtags
index be626786c3c63..b64b7e3e44327 100644
--- a/core/java/android/app/admin/SecurityLogTags.logtags
+++ b/core/java/android/app/admin/SecurityLogTags.logtags
@@ -34,4 +34,5 @@ option java_package android.app.admin
 210027 security_user_restriction_added (package|3),(admin_user|1),(restriction|3)
 210028 security_user_restriction_removed (package|3),(admin_user|1),(restriction|3)
 210029 security_cert_authority_installed (success|1),(subject|3)
-210030 security_cert_authority_removed (success|1),(subject|3)
\ No newline at end of file
+210030 security_cert_authority_removed (success|1),(subject|3)
+210031 security_crypto_self_test_completed (success|1)
\ No newline at end of file
diff --git a/services/core/jni/Android.bp b/services/core/jni/Android.bp
index 7540e26c4e8dd..5e003ff775fe7 100644
--- a/services/core/jni/Android.bp
+++ b/services/core/jni/Android.bp
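Review bot: `getSuccess()` may not handle the payload of the new tag in the `@@ -529` hunk of SecurityLog.java, where `TAG_CRYPTO_SELF_TEST_COMPLETED` shares `getSuccess() ? LEVEL_INFO : LEVEL_ERROR` with `TAG_CERT_AUTHORITY_REMOVED`. The logtags entries for the cert events are `(success|1),(subject|3)`, while the new event is `(success|1)` alone and the Javadoc added in the `@@ -399` hunk describes a single `Integer`. `getSuccess()` is outside the hunk, so this cannot be confirmed from here; if it only unpacks a list payload, a passing self-test would be reported at `LEVEL_ERROR` and real failures would be indistinguishable from successes by severity. Confirm that it accepts a bare `Integer`, and cover this tag with a test that feeds payloads 0 and 1.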
@@ -24,6 +24,7 @@ cc_library_static {
 "com_android_server_connectivity_Vpn.cpp",
 "com_android_server_connectivity_tethering_OffloadHardwareInterface.cpp",
 "com_android_server_ConsumerIrService.cpp",
+ "com_android_server_devicepolicy_CryptoTestHelper.cpp",
 "com_android_server_HardwarePropertiesManagerService.cpp",
 "com_android_server_hdmi_HdmiCecController.cpp",
 "com_android_server_input_InputApplicationHandle.cpp",
diff --git a/services/core/jni/com_android_server_devicepolicy_CryptoTestHelper.cpp b/services/core/jni/com_android_server_devicepolicy_CryptoTestHelper.cpp
new file mode 100644
index 0000000000000..b53ea925e837e
--- /dev/null
+++ b/services/core/jni/com_android_server_devicepolicy_CryptoTestHelper.cpp
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2018 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "jni.h"
+#include "core_jni_helpers.h"
+
+#include
+
+namespace {
+
+static jint runSelfTest(JNIEnv* env, jobject /* clazz */) {
+ return BORINGSSL_self_test();
+}
+
+static const JNINativeMethod methods[] = {
+ /* name, signature, funcPtr */
+ {"runSelfTest", "()I", (void*) runSelfTest}
+};
+
+} // anonymous namespace
+
+namespace android {
+
+int register_android_server_devicepolicy_CryptoTestHelper(JNIEnv *env) {
+ return jniRegisterNativeMethods(
+ env, "com/android/server/devicepolicy/CryptoTestHelper", methods, NELEM(methods));
+}
+
+} // namespace android
\ No newline at end of file
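Review bot: `runSelfTest` in com_android_server_devicepolicy_CryptoTestHelper.cpp forwards the return value of `BORINGSSL_self_test()` without saying what it means, and that value becomes the audit payload. A comment above the return such as `// BORINGSSL_self_test() returns 1 on success and 0 on failure; the value is logged unchanged.` would tie it to the 0/1 contract in the SecurityLog Javadoc. The Java side declares the method `static native`, so the second argument is the class and `env` is unused: `static jint runSelfTest(JNIEnv* /* env */, jclass /* clazz */) {` is the accurate signature. `static` is also redundant inside the anonymous namespace.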
diff --git a/services/core/jni/onload.cpp b/services/core/jni/onload.cpp
index 07ddb0561f925..bf2a637cf54e0 100644
--- a/services/core/jni/onload.cpp
+++ b/services/core/jni/onload.cpp
@@ -42,6 +42,7 @@ int register_android_server_VibratorService(JNIEnv* env);
 int register_android_server_location_GnssLocationProvider(JNIEnv* env);
 int register_android_server_connectivity_Vpn(JNIEnv* env);
 int register_android_server_connectivity_tethering_OffloadHardwareInterface(JNIEnv*);
+int register_android_server_devicepolicy_CryptoTestHelper(JNIEnv*);
 int register_android_server_hdmi_HdmiCecController(JNIEnv* env);
 int register_android_server_tv_TvUinputBridge(JNIEnv* env);
 int register_android_server_tv_TvInputHal(JNIEnv* env);
@@ -88,6 +89,7 @@ extern "C" jint JNI_OnLoad(JavaVM* vm, void* /* reserved */)
 register_android_server_location_GnssLocationProvider(env);
 register_android_server_connectivity_Vpn(env);
 register_android_server_connectivity_tethering_OffloadHardwareInterface(env);
+ register_android_server_devicepolicy_CryptoTestHelper(env);
 register_android_server_ConsumerIrService(env);
 register_android_server_BatteryStatsService(env);
 register_android_server_hdmi_HdmiCecController(env);
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/CryptoTestHelper.java b/services/devicepolicy/java/com/android/server/devicepolicy/CryptoTestHelper.java
new file mode 100644
index 0000000000000..a20758e4b2daf
--- /dev/null
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/CryptoTestHelper.java
@@ -0,0 +1,30 @@
+/*
+ * Copyright (C) 2018 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.devicepolicy;
+
+import android.app.admin.SecurityLog;
+
+/**
+ * Helper to call native BoringSSL self test.
+ */
+public class CryptoTestHelper {
+ public static void runAndLogSelfTest() {
+ final int result = runSelfTest();
+ SecurityLog.writeEvent(SecurityLog.TAG_CRYPTO_SELF_TEST_COMPLETED, result);
+ }
+ private static native int runSelfTest();
+}
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index 953a79f625e6e..95e71edb68d9c 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -2044,6 +2044,10 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
 public TransferOwnershipMetadataManager newTransferOwnershipMetadataManager() {
 return new TransferOwnershipMetadataManager();
 }
+
+ public void runCryptoSelfTest() {
+ CryptoTestHelper.runAndLogSelfTest();
+ }
 }
 /**
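Review bot: `runAndLogSelfTest()` in CryptoTestHelper.java writes whatever int the native call returns straight into the security log and returns `void`, so a failed self-test leaves an audit record but no caller can act on it, and any value other than 0 or 1 would be logged unchecked. Consider normalising the outcome before logging and returning it: `final boolean passed = runSelfTest() == 1;` followed by `SecurityLog.writeEvent(SecurityLog.TAG_CRYPTO_SELF_TEST_COMPLETED, passed ? 1 : 0);`. The class has only static members, so `public final class CryptoTestHelper` with a private constructor fits better. The public method also needs a Javadoc sentence stating that it runs the BoringSSL self-test and logs 1 for pass and 0 for fail.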
@@ -2296,6 +2300,7 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
 if (hasDeviceOwner && mInjector.securityLogGetLoggingEnabledProperty()) {
 mSecurityLogMonitor.start();
+ mInjector.runCryptoSelfTest();
 maybePauseDeviceWideLoggingLocked();
 }
 }
diff --git a/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerServiceTestable.java b/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerServiceTestable.java
index 00e27c9a54cb1..ab0bfefbbd4d2 100644
--- a/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerServiceTestable.java
+++ b/services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerServiceTestable.java
@@ -447,5 +447,8 @@ public class DevicePolicyManagerServiceTestable extends DevicePolicyManagerServi
 return new TransferOwnershipMetadataManager(
 new TransferOwnershipMetadataManagerTest.MockInjector());
 }
+
+ @Override
+ public void runCryptoSelfTest() {}
 }
 }
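Review bot: `mInjector.runCryptoSelfTest()` in the `@@ -2296` hunk of DevicePolicyManagerService.java runs only on this path, inside the `hasDeviceOwner && mInjector.securityLogGetLoggingEnabledProperty()` check, so a device where security logging is switched on later would apparently get no self-test record until this code runs again. The enclosing method and the code that enables logging are outside the hunk, so confirm whether that path should trigger the test as well. The call is synchronous and sits beside `maybePauseDeviceWideLoggingLocked()`, which suggests the service lock is held while the native test runs; if so, consider posting it to a background handler. A comment such as `// Record the BoringSSL self-test result as soon as security logging is running (NIAP compliance).` would explain why the call belongs here.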