tequilaOS/platform_hardware_interfaces
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

AesInvalidKeySize skip 192 on SB devices

Browse source 
This change alters the AesInvalidKeySize test to only enforce
against StrongBox instances on devices that launch on S or later,
not previously launched devices.

Ignore-AOSP-First: Cherrypick from AOSP
Bug: 191736606
Test: Test passes on a StrongBox enabled device
Change-Id: Ic0ff19d2d19d6e18dfbc0fad4b8182264f36b2f6
Merged-In: Ic0ff19d2d19d6e18dfbc0fad4b8182264f36b2f6
This commit is contained in:
Max Bires 2021-09-01 23:21:08 -07:00
parent dee204e13f
commit 3c2da9d21b
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
View file

@ -940,7 +940,13 @@ TEST_P(NewKeyGenerationTest, HmacDigestNone) {
* UNSUPPORTED_KEY_SIZE.
*/
TEST_P(NewKeyGenerationTest, AesInvalidKeySize) {
int32_t firstApiLevel = property_get_int32("ro.board.first_api_level", 0);
for (auto key_size : InvalidKeySizes(Algorithm::AES)) {
// The HAL specification was only clarified to exclude AES-192 for StrongBox in Android S,
// so allow devices that launched on earlier implementations to skip this check.
if (key_size == 192 && SecLevel() == SecurityLevel::STRONGBOX && firstApiLevel < 31) {
continue;
}
ASSERT_EQ(ErrorCode::UNSUPPORTED_KEY_SIZE,
GenerateKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)