From d0a5c1dda521c07e2cca4cf426490e8da399f481 Mon Sep 17 00:00:00 2001
From: nagendra modadugu
Date: Wed, 6 Feb 2019 21:13:11 -0800
Subject: [PATCH] [DO NOT MERGE] keymaster: add an EC attestation test

Add a test that creates an EC key by using key-bits (rather than curve-id), and check that the attestation message corresponds to key characteristics.

Bug: 122375834
Bug: 119542230
Test: VTS passes
Change-Id: Iad6ff2ca90a951124940943f2484f9fb9f813a19
---
 .../functional/keymaster_hidl_hal_test.cpp | 27 +++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp b/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
index 89bcca6a33..c1d8a95a7d 100644
--- a/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
+++ b/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
@@ -3897,6 +3897,33 @@ TEST_F(AttestationTest, EcAttestation) {
 SecLevel(), cert_chain[0]));
 }
 
+/*
+ * AttestationTest.EcAttestationByKeySize
+ *
+ * Verifies that attesting to EC keys works and generates the expected output.
+ */
+TEST_F(AttestationTest, EcAttestationByKeySize) {
+ ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .EcdsaSigningKey(256)
+ .Digest(Digest::SHA_2_256)
+ .Authorization(TAG_INCLUDE_UNIQUE_ID)));
+
+ hidl_vec> cert_chain;
+ ASSERT_EQ(ErrorCode::OK,
+ AttestKey(AuthorizationSetBuilder()
+ .Authorization(TAG_ATTESTATION_CHALLENGE, HidlBuf("challenge"))
+ .Authorization(TAG_ATTESTATION_APPLICATION_ID, HidlBuf("foo")),
+ &cert_chain));
+ EXPECT_GE(cert_chain.size(), 2U);
+ EXPECT_TRUE(verify_chain(cert_chain));
+
+ EXPECT_TRUE(verify_attestation_record("challenge", "foo", //
+ key_characteristics_.softwareEnforced, //
+ key_characteristics_.hardwareEnforced, //
+ SecLevel(), cert_chain[0]));
+}
+
 /*
 * AttestationTest.EcAttestationRequiresAttestationAppId
 *
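Review bot: `EXPECT_GE(cert_chain.size(), 2U);` records a failure but lets the test continue, so an implementation that returns OK with an empty chain still reaches `cert_chain[0]` in the verify_attestation_record call and indexes past the end instead of failing cleanly; `ASSERT_GE(cert_chain.size(), 2U);` would stop the test at that point. The header comment repeats the EcAttestation wording and does not say what this case adds; something like `Verifies that attesting to an EC key generated by key size (256 bits) rather than by curve id works and generates the expected output.` would make the difference visible. The attestation record is compared against key_characteristics_ as returned by the same implementation, so unless verify_attestation_record checks the curve itself (its body is not in this hunk), an explicit expectation that the characteristics carry the P-256 curve implied by the key size would keep the test from passing when both sides omit it.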