Snap for 11273583 from 8c5c1d81a95e89ece1aba12216e14854977ced30 to mainline-ipsec-releaseaml_ips_341611000 aml_ips_341510000

Change-Id: If969438f01b25ed21eda0aaf002fbf0b8624b05c
author: Android Build Coastguard Worker <android-build-coastguard-worker@google.com> 2024-01-04 19:49:58 +0000
committer: Android Build Coastguard Worker <android-build-coastguard-worker@google.com> 2024-01-04 19:49:58 +0000
commit: 9e6c00f39250c1ebd459db3899a28af95e7d38a0 (patch)
tree: 4fd9b84cfd0b1a91c56cc005d6073fd6608976a1
parent: f1049e43ca41e16cfdc77c2d4412086f7e631df1 (diff)
parent: 8c5c1d81a95e89ece1aba12216e14854977ced30 (diff)
download: boringssl-aml_ips_341611000.tar.gz
6 files changed, 65 insertions, 42 deletions
diff --git a/Android.bp b/Android.bp
index 2ca2b75b..ca39dca1 100644
--- a/Android.bp
+++ b/Android.bp
@@ -161,6 +161,7 @@ cc_object {
         "com.android.compos",
         "com.android.conscrypt",
         "com.android.extservices",
+        "com.android.ondevicepersonalization",
         "com.android.resolv",
         "com.android.virt",
     ],
@@ -302,6 +303,7 @@ cc_library {
         "com.android.conscrypt",
         "com.android.extservices",
         "com.android.resolv",
+        "com.android.ondevicepersonalization",
         "com.android.virt",
     ],
     min_sdk_version: "29",
@@ -373,6 +375,7 @@ cc_library_static {
         "//hardware/interfaces/keymaster/4.0/vts/functional",
         "//hardware/interfaces/keymaster/4.1/vts/functional",
         "//packages/modules/adb",
+        "//packages/modules/AdServices:__subpackages__",
         "//packages/modules/Bluetooth:__subpackages__",
         "//packages/modules/DnsResolver/tests:__subpackages__",
         "//packages/modules/NeuralNetworks:__subpackages__",
@@ -387,6 +390,8 @@ cc_library_static {
     min_sdk_version: "29",
     apex_available: [
         "//apex_available:platform",
+        "com.android.adservices",
+        "com.android.extservices",
         "com.android.neuralnetworks",
     ],
     defaults: [
diff --git a/src/crypto/fipsmodule/self_check/self_check.c b/src/crypto/fipsmodule/self_check/self_check.c
index 525cd169..edfef6d4 100644
--- a/src/crypto/fipsmodule/self_check/self_check.c
+++ b/src/crypto/fipsmodule/self_check/self_check.c
@@ -918,11 +918,6 @@ static int boringssl_self_test_fast(void) {
   }
 
   // TLS KDF KAT
-  static const uint8_t kTLSSecret[32] = {
-      0xab, 0xc3, 0x65, 0x7b, 0x09, 0x4c, 0x76, 0x28, 0xa0, 0xb2, 0x82,
-      0x99, 0x6f, 0xe7, 0x5a, 0x75, 0xf4, 0x98, 0x4f, 0xd9, 0x4d, 0x4e,
-      0xcc, 0x2f, 0xcf, 0x53, 0xa2, 0xc4, 0x69, 0xa3, 0xf7, 0x31,
-  };
   static const char kTLSLabel[] = "FIPS self test";
   static const uint8_t kTLSSeed1[16] = {
       0x8f, 0x0d, 0xe8, 0xb6, 0x90, 0x8f, 0xb1, 0xd2,
@@ -932,17 +927,45 @@ static int boringssl_self_test_fast(void) {
       0x7d, 0x24, 0x1a, 0x9d, 0x3c, 0x59, 0xbf, 0x3c,
       0x31, 0x1e, 0x2b, 0x21, 0x41, 0x8d, 0x32, 0x81,
   };
-  static const uint8_t kTLSOutput[32] = {
-      0xe2, 0x1d, 0xd6, 0xc2, 0x68, 0xc7, 0x57, 0x03, 0x2c, 0x2c, 0xeb,
-      0xbb, 0xb8, 0xa9, 0x7d, 0xe9, 0xee, 0xe6, 0xc9, 0x47, 0x83, 0x0a,
-      0xbd, 0x11, 0x60, 0x5d, 0xd5, 0x2c, 0x47, 0xb6, 0x05, 0x88,
+
+  static const uint8_t kTLS10Secret[32] = {
+      0xab, 0xc3, 0x65, 0x7b, 0x09, 0x4c, 0x76, 0x28, 0xa0, 0xb2, 0x82,
+      0x99, 0x6f, 0xe7, 0x5a, 0x75, 0xf4, 0x98, 0x4f, 0xd9, 0x4d, 0x4e,
+      0xcc, 0x2f, 0xcf, 0x53, 0xa2, 0xc4, 0x69, 0xa3, 0xf7, 0x31,
+  };
+  static const uint8_t kTLS10Output[32] = {
+      0x69, 0x7c, 0x4e, 0x2c, 0xee, 0x82, 0xb1, 0xd2, 0x8b, 0xac, 0x90,
+      0x7a, 0xa1, 0x8a, 0x81, 0xfe, 0xc5, 0x58, 0x45, 0x57, 0x61, 0x2f,
+      0x7a, 0x8d, 0x80, 0xfb, 0x44, 0xd8, 0x81, 0x60, 0xe5, 0xf8,
+  };
+  uint8_t tls10_output[sizeof(kTLS10Output)];
+  if (!CRYPTO_tls1_prf(EVP_md5_sha1(), tls10_output, sizeof(tls10_output),
+                       kTLS10Secret, sizeof(kTLS10Secret), kTLSLabel,
+                       sizeof(kTLSLabel), kTLSSeed1, sizeof(kTLSSeed1),
+                       kTLSSeed2, sizeof(kTLSSeed2)) ||
+      !check_test(kTLS10Output, tls10_output, sizeof(kTLS10Output),
+                  "TLS10-KDF KAT")) {
+    fprintf(stderr, "TLS KDF failed.\n");
+    goto err;
+  }
+
+  static const uint8_t kTLS12Secret[32] = {
+      0xc5, 0x43, 0x8e, 0xe2, 0x6f, 0xd4, 0xac, 0xbd, 0x25, 0x9f, 0xc9,
+      0x18, 0x55, 0xdc, 0x69, 0xbf, 0x88, 0x4e, 0xe2, 0x93, 0x22, 0xfc,
+      0xbf, 0xd2, 0x96, 0x6a, 0x46, 0x23, 0xd4, 0x2e, 0xc7, 0x81,
+  };
+  static const uint8_t kTLS12Output[32] = {
+      0xee, 0x4a, 0xcd, 0x3f, 0xa3, 0xd3, 0x55, 0x89, 0x9e, 0x6f, 0xf1,
+      0x38, 0x46, 0x9d, 0x2b, 0x33, 0xaa, 0x7f, 0xc4, 0x7f, 0x51, 0x85,
+      0x8a, 0xf3, 0x13, 0x84, 0xbf, 0x53, 0x6a, 0x65, 0x37, 0x51,
   };
-  uint8_t tls_output[sizeof(kTLSOutput)];
-  if (!CRYPTO_tls1_prf(EVP_sha256(), tls_output, sizeof(tls_output), kTLSSecret,
-                       sizeof(kTLSSecret), kTLSLabel, sizeof(kTLSLabel),
-                       kTLSSeed1, sizeof(kTLSSeed1), kTLSSeed2,
-                       sizeof(kTLSSeed2)) ||
-      !check_test(kTLSOutput, tls_output, sizeof(kTLSOutput), "TLS-KDF KAT")) {
+  uint8_t tls12_output[sizeof(kTLS12Output)];
+  if (!CRYPTO_tls1_prf(EVP_sha256(), tls12_output, sizeof(tls12_output),
+                       kTLS12Secret, sizeof(kTLS12Secret), kTLSLabel,
+                       sizeof(kTLSLabel), kTLSSeed1, sizeof(kTLSSeed1),
+                       kTLSSeed2, sizeof(kTLSSeed2)) ||
+      !check_test(kTLS12Output, tls12_output, sizeof(kTLS12Output),
+                  "TLS12-KDF KAT")) {
     fprintf(stderr, "TLS KDF failed.\n");
     goto err;
   }
@@ -983,7 +1006,7 @@ static int boringssl_self_test_fast(void) {
       !check_test(kTLS13ExpandLabelOutput, tls13_expand_label_output,
                   sizeof(kTLS13ExpandLabelOutput),
                   "CRYPTO_tls13_hkdf_expand_label")) {
-    fprintf(stderr, "TLSv1.3 KDF failed.\n");
+    fprintf(stderr, "TLS13-KDF failed.\n");
     goto err;
   }
 
diff --git a/src/crypto/fipsmodule/service_indicator/service_indicator.c b/src/crypto/fipsmodule/service_indicator/service_indicator.c
index b1ea28e8..64325bea 100644
--- a/src/crypto/fipsmodule/service_indicator/service_indicator.c
+++ b/src/crypto/fipsmodule/service_indicator/service_indicator.c
@@ -303,14 +303,11 @@ void HMAC_verify_service_indicator(const EVP_MD *evp_md) {
 }
 
 void TLSKDF_verify_service_indicator(const EVP_MD *md) {
-  // HMAC-MD5, HMAC-SHA1, and HMAC-MD5/HMAC-SHA1 (both used concurrently) are
-  // approved for use in the KDF in TLS 1.0/1.1.
-  // HMAC-SHA{256, 384, 512} are approved for use in the KDF in TLS 1.2.
-  // These Key Derivation functions are to be used in the context of the TLS
-  // protocol.
+  // HMAC-MD5/HMAC-SHA1 (both used concurrently) is approved for use in the KDF
+  // in TLS 1.0/1.1. HMAC-SHA{256, 384, 512} are approved for use in the KDF in
+  // TLS 1.2. These Key Derivation functions are to be used in the context of
+  // the TLS protocol.
   switch (EVP_MD_type(md)) {
-    case NID_md5:
-    case NID_sha1:
     case NID_md5_sha1:
     case NID_sha256:
     case NID_sha384:
diff --git a/src/crypto/fipsmodule/service_indicator/service_indicator_test.cc b/src/crypto/fipsmodule/service_indicator/service_indicator_test.cc
index 4389b981..41f263db 100644
--- a/src/crypto/fipsmodule/service_indicator/service_indicator_test.cc
+++ b/src/crypto/fipsmodule/service_indicator/service_indicator_test.cc
@@ -422,24 +422,12 @@ static const uint8_t kTLSSeed2[16] = {
     0x31, 0x1e, 0x2b, 0x21, 0x41, 0x8d, 0x32, 0x81,
 };
 
-static const uint8_t kTLSOutput_mdsha1[32] = {
+static const uint8_t kTLSOutput_md5_sha1[32] = {
     0x36, 0xa9, 0x31, 0xb0, 0x43, 0xe3, 0x64, 0x72, 0xb9, 0x47, 0x54,
     0x0d, 0x8a, 0xfc, 0xe3, 0x5c, 0x1c, 0x15, 0x67, 0x7e, 0xa3, 0x5d,
     0xf2, 0x3a, 0x57, 0xfd, 0x50, 0x16, 0xe1, 0xa4, 0xa6, 0x37,
 };
 
-static const uint8_t kTLSOutput_md[32] = {
-    0x79, 0xef, 0x46, 0xc4, 0x35, 0xbc, 0xe5, 0xda, 0xd3, 0x66, 0x91,
-    0xdc, 0x86, 0x09, 0x41, 0x66, 0xf2, 0x0c, 0xeb, 0xe6, 0xab, 0x5c,
-    0x58, 0xf4, 0x65, 0xce, 0x2f, 0x5f, 0x4b, 0x34, 0x1e, 0xa1,
-};
-
-static const uint8_t kTLSOutput_sha1[32] = {
-    0xbb, 0x0a, 0x73, 0x52, 0xf8, 0x85, 0xd7, 0xbd, 0x12, 0x34, 0x78,
-    0x3b, 0x54, 0x4c, 0x75, 0xfe, 0xd7, 0x23, 0x6e, 0x22, 0x3f, 0x42,
-    0x34, 0x99, 0x57, 0x6b, 0x14, 0xc4, 0xc8, 0xae, 0x9f, 0x4c,
-};
-
 static const uint8_t kTLSOutput_sha224[32] = {
     0xdd, 0xaf, 0x6f, 0xaa, 0xd9, 0x2b, 0x3d, 0xb9, 0x46, 0x4c, 0x55,
     0x8a, 0xf7, 0xa6, 0x9b, 0x0b, 0x35, 0xcc, 0x07, 0xa7, 0x55, 0x5b,
@@ -1783,9 +1771,7 @@ static const struct KDFTestVector {
   const uint8_t *expected_output;
   const FIPSStatus expect_approved;
 } kKDFTestVectors[] = {
-    {EVP_md5, kTLSOutput_md, FIPSStatus::APPROVED},
-    {EVP_sha1, kTLSOutput_sha1, FIPSStatus::APPROVED},
-    {EVP_md5_sha1, kTLSOutput_mdsha1, FIPSStatus::APPROVED},
+    {EVP_md5_sha1, kTLSOutput_md5_sha1, FIPSStatus::APPROVED},
     {EVP_sha224, kTLSOutput_sha224, FIPSStatus::NOT_APPROVED},
     {EVP_sha256, kTLSOutput_sha256, FIPSStatus::APPROVED},
     {EVP_sha384, kTLSOutput_sha384, FIPSStatus::APPROVED},
diff --git a/src/util/fipstools/break-kat.go b/src/util/fipstools/break-kat.go
index e4d323ab..67c33002 100644
--- a/src/util/fipstools/break-kat.go
+++ b/src/util/fipstools/break-kat.go
@@ -1,5 +1,3 @@
-//go:build
-
 // break-kat corrupts a known-answer-test input in a binary and writes the
 // corrupted binary to stdout. This is used to demonstrate that the KATs in the
 // binary notice the error.
@@ -27,7 +25,8 @@ var (
 		"SHA-1":           "132fd9bad5c1826263bafbb699f707a5",
 		"SHA-256":         "ff3b857da7236a2baa0f396b51522217",
 		"SHA-512":         "212512f8d2ad8322781c6c4d69a9daa1",
-		"TLS-KDF":         "abc3657b094c7628a0b282996fe75a75f4984fd94d4ecc2fcf53a2c469a3f731",
+		"TLS10-KDF":       "abc3657b094c7628a0b282996fe75a75f4984fd94d4ecc2fcf53a2c469a3f731",
+		"TLS12-KDF":       "c5438ee26fd4acbd259fc91855dc69bf884ee29322fcbfd2966a4623d42ec781",
 		"TLS13-KDF":       "024a0d80f357f2499a1244dac26dab66fc13ed85fca71dace146211119525874",
 		"RSA-sign":        "d2b56e53306f720d7929d8708bf46f1c22300305582b115bedcac722d8aa5ab2",
 		"RSA-verify":      "abe2cbc13d6bd39d48db5334ddbf8d070a93bdcb104e2cc5d0ee486ee295f6b31bda126c41890b98b73e70e6b65d82f95c663121755a90744c8d1c21148a1960be0eca446e9ff497f1345c537ef8119b9a4398e95c5c6de2b1c955905c5299d8ce7a3b6ab76380d9babdd15f610237e1f3f2aa1c1f1e770b62fbb596381b2ebdd77ecef9c90d4c92f7b6b05fed2936285fa94826e62055322a33b6f04c74ce69e5d8d737fb838b79d2d48e3daf71387531882531a95ac964d02ea413bf85952982bbc089527daff5b845c9a0f4d14ef1956d9c3acae882d12da66da0f35794f5ee32232333517db9315232a183b991654dbea41615345c885325926744a53915",
diff --git a/src/util/fipstools/test_fips.c b/src/util/fipstools/test_fips.c
index 3a1f7fce..13b8d7d3 100644
--- a/src/util/fipstools/test_fips.c
+++ b/src/util/fipstools/test_fips.c
@@ -291,6 +291,19 @@ int main(int argc, char **argv) {
   printf("  got ");
   hexdump(hkdf_output, sizeof(hkdf_output));
 
+  /* TLS v1.0 KDF */
+  printf("About to run TLS v1.0 KDF\n");
+  uint8_t tls10_output[32];
+  if (!CRYPTO_tls1_prf(EVP_md5_sha1(), tls10_output, sizeof(tls10_output),
+                       kAESKey, sizeof(kAESKey), "foo", 3, kPlaintextSHA256,
+                       sizeof(kPlaintextSHA256), kPlaintextSHA256,
+                       sizeof(kPlaintextSHA256))) {
+    fprintf(stderr, "TLS v1.0 KDF failed.\n");
+    goto err;
+  }
+  printf("  got ");
+  hexdump(tls10_output, sizeof(tls10_output));
+
   /* TLS v1.2 KDF */
   printf("About to run TLS v1.2 KDF\n");
   uint8_t tls12_output[32];
author	Android Build Coastguard Worker <android-build-coastguard-worker@google.com>	2024-01-04 19:49:58 +0000
committer	Android Build Coastguard Worker <android-build-coastguard-worker@google.com>	2024-01-04 19:49:58 +0000
commit	9e6c00f39250c1ebd459db3899a28af95e7d38a0 (patch)
tree	4fd9b84cfd0b1a91c56cc005d6073fd6608976a1
parent	f1049e43ca41e16cfdc77c2d4412086f7e631df1 (diff)
parent	8c5c1d81a95e89ece1aba12216e14854977ced30 (diff)
download	boringssl-aml_ips_341611000.tar.gz