tequilaOS/platform_hardware_interfaces
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

KeyMint: use a smaller invalid IMEI value

Browse source 
The invalid value used for the second IMEI attestation test is
potentially wrong in two ways:
- It doesn't match the provisioned value.
- It's not a valid IMEI, not least because it is longer than 16 bytes.

Make the test value shorter so the second failure doesn't apply and
the test can reliably expect CANNOT_ATTEST_IDS.

Bug: 292959871
Test: VtsAidlKeyMintTargetTest
Change-Id: If8c6b9e08b48e6caf5c767578e1ac43964214619
This commit is contained in:
David Drysdale 2023-08-07 11:53:46 +01:00
parent 966a4f13a5
commit 0215cb3d3e
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
security/keymint/aidl/vts/functional/AttestKeyTest.cpp
View file

@ -919,7 +919,9 @@ TEST_P(AttestKeyTest, EcdsaAttestationMismatchID) {
.Authorization(TAG_ATTESTATION_ID_MODEL, "malicious-model");
if (isSecondImeiIdAttestationRequired()) {
attestation_id_tags.Authorization(TAG_ATTESTATION_ID_SECOND_IMEI, "invalid-second-imei");
// Note: the invalid value here is < 16 bytes long to avoid triggering any implementation
// checks on valid IMEI lengths.
attestation_id_tags.Authorization(TAG_ATTESTATION_ID_SECOND_IMEI, "invalid-imei2");
}
vector<uint8_t> key_blob;
vector<KeyCharacteristics> key_characteristics;