Whenever generateKey
fails updated AttestKeyTests to abort instead of
continuing the execution of the test. If generateKey fails and execution continues then it leads to issues while verifying the attest records and causing the crash. Test: atest VtsAidlKeyMintTargetTest Bug: 292300030 Change-Id: I66bd650423e9e5bbbfe8411a1455c4ea5846f1ff
This commit is contained in:
parent
03a07174dd
commit
45b478f32e
1 changed files with 33 additions and 22 deletions
|
@ -133,7 +133,7 @@ TEST_P(AttestKeyTest, AllRsaSizes) {
|
||||||
vector<uint8_t> attested_key_blob;
|
vector<uint8_t> attested_key_blob;
|
||||||
vector<KeyCharacteristics> attested_key_characteristics;
|
vector<KeyCharacteristics> attested_key_characteristics;
|
||||||
vector<Certificate> attested_key_cert_chain;
|
vector<Certificate> attested_key_cert_chain;
|
||||||
EXPECT_EQ(ErrorCode::OK,
|
ASSERT_EQ(ErrorCode::OK,
|
||||||
GenerateKey(AuthorizationSetBuilder()
|
GenerateKey(AuthorizationSetBuilder()
|
||||||
.RsaSigningKey(2048, 65537)
|
.RsaSigningKey(2048, 65537)
|
||||||
.Authorization(TAG_NO_AUTH_REQUIRED)
|
.Authorization(TAG_NO_AUTH_REQUIRED)
|
||||||
|
@ -144,9 +144,11 @@ TEST_P(AttestKeyTest, AllRsaSizes) {
|
||||||
&attested_key_cert_chain));
|
&attested_key_cert_chain));
|
||||||
KeyBlobDeleter attested_deleter(keymint_, attested_key_blob);
|
KeyBlobDeleter attested_deleter(keymint_, attested_key_blob);
|
||||||
|
|
||||||
|
ASSERT_GT(attested_key_cert_chain.size(), 0);
|
||||||
|
|
||||||
AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
|
AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
|
||||||
AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
|
AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
|
||||||
EXPECT_TRUE(verify_attestation_record(AidlVersion(), "foo", "bar", sw_enforced, hw_enforced,
|
ASSERT_TRUE(verify_attestation_record(AidlVersion(), "foo", "bar", sw_enforced, hw_enforced,
|
||||||
SecLevel(),
|
SecLevel(),
|
||||||
attested_key_cert_chain[0].encodedCertificate));
|
attested_key_cert_chain[0].encodedCertificate));
|
||||||
|
|
||||||
|
@ -163,7 +165,7 @@ TEST_P(AttestKeyTest, AllRsaSizes) {
|
||||||
*/
|
*/
|
||||||
attested_key_characteristics.resize(0);
|
attested_key_characteristics.resize(0);
|
||||||
attested_key_cert_chain.resize(0);
|
attested_key_cert_chain.resize(0);
|
||||||
EXPECT_EQ(ErrorCode::OK,
|
ASSERT_EQ(ErrorCode::OK,
|
||||||
GenerateKey(AuthorizationSetBuilder()
|
GenerateKey(AuthorizationSetBuilder()
|
||||||
.RsaEncryptionKey(2048, 65537)
|
.RsaEncryptionKey(2048, 65537)
|
||||||
.Digest(Digest::NONE)
|
.Digest(Digest::NONE)
|
||||||
|
@ -176,9 +178,11 @@ TEST_P(AttestKeyTest, AllRsaSizes) {
|
||||||
&attested_key_cert_chain));
|
&attested_key_cert_chain));
|
||||||
KeyBlobDeleter attested_deleter2(keymint_, attested_key_blob);
|
KeyBlobDeleter attested_deleter2(keymint_, attested_key_blob);
|
||||||
|
|
||||||
|
ASSERT_GT(attested_key_cert_chain.size(), 0);
|
||||||
|
|
||||||
hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
|
hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
|
||||||
sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
|
sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
|
||||||
EXPECT_TRUE(verify_attestation_record(AidlVersion(), "foo2", "bar2", sw_enforced,
|
ASSERT_TRUE(verify_attestation_record(AidlVersion(), "foo2", "bar2", sw_enforced,
|
||||||
hw_enforced, SecLevel(),
|
hw_enforced, SecLevel(),
|
||||||
attested_key_cert_chain[0].encodedCertificate));
|
attested_key_cert_chain[0].encodedCertificate));
|
||||||
|
|
||||||
|
@ -196,7 +200,7 @@ TEST_P(AttestKeyTest, AllRsaSizes) {
|
||||||
attested_key_characteristics.resize(0);
|
attested_key_characteristics.resize(0);
|
||||||
attested_key_cert_chain.resize(0);
|
attested_key_cert_chain.resize(0);
|
||||||
uint64_t timestamp = 1619621648000;
|
uint64_t timestamp = 1619621648000;
|
||||||
EXPECT_EQ(ErrorCode::OK,
|
ASSERT_EQ(ErrorCode::OK,
|
||||||
GenerateKey(AuthorizationSetBuilder()
|
GenerateKey(AuthorizationSetBuilder()
|
||||||
.EcdsaSigningKey(EcCurve::P_256)
|
.EcdsaSigningKey(EcCurve::P_256)
|
||||||
.Authorization(TAG_NO_AUTH_REQUIRED)
|
.Authorization(TAG_NO_AUTH_REQUIRED)
|
||||||
|
@ -208,6 +212,8 @@ TEST_P(AttestKeyTest, AllRsaSizes) {
|
||||||
&attested_key_cert_chain));
|
&attested_key_cert_chain));
|
||||||
KeyBlobDeleter attested_deleter3(keymint_, attested_key_blob);
|
KeyBlobDeleter attested_deleter3(keymint_, attested_key_blob);
|
||||||
|
|
||||||
|
ASSERT_GT(attested_key_cert_chain.size(), 0);
|
||||||
|
|
||||||
// The returned key characteristics will include CREATION_DATETIME (checked below)
|
// The returned key characteristics will include CREATION_DATETIME (checked below)
|
||||||
// in SecurityLevel::KEYSTORE; this will be stripped out in the CheckCharacteristics()
|
// in SecurityLevel::KEYSTORE; this will be stripped out in the CheckCharacteristics()
|
||||||
// call below, to match what getKeyCharacteristics() returns (which doesn't include
|
// call below, to match what getKeyCharacteristics() returns (which doesn't include
|
||||||
|
@ -223,7 +229,7 @@ TEST_P(AttestKeyTest, AllRsaSizes) {
|
||||||
EXPECT_TRUE(sw_enforced.Contains(TAG_CREATION_DATETIME, timestamp))
|
EXPECT_TRUE(sw_enforced.Contains(TAG_CREATION_DATETIME, timestamp))
|
||||||
<< "expected CREATION_TIMESTAMP in sw_enforced:" << sw_enforced
|
<< "expected CREATION_TIMESTAMP in sw_enforced:" << sw_enforced
|
||||||
<< " not in hw_enforced:" << hw_enforced;
|
<< " not in hw_enforced:" << hw_enforced;
|
||||||
EXPECT_TRUE(verify_attestation_record(AidlVersion(), "foo", "bar", sw_enforced, hw_enforced,
|
ASSERT_TRUE(verify_attestation_record(AidlVersion(), "foo", "bar", sw_enforced, hw_enforced,
|
||||||
SecLevel(),
|
SecLevel(),
|
||||||
attested_key_cert_chain[0].encodedCertificate));
|
attested_key_cert_chain[0].encodedCertificate));
|
||||||
|
|
||||||
|
@ -313,7 +319,7 @@ TEST_P(AttestKeyTest, RsaAttestedAttestKeys) {
|
||||||
|
|
||||||
AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attest_key_characteristics);
|
AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attest_key_characteristics);
|
||||||
AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attest_key_characteristics);
|
AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attest_key_characteristics);
|
||||||
EXPECT_TRUE(verify_attestation_record(AidlVersion(), challenge, app_id, //
|
ASSERT_TRUE(verify_attestation_record(AidlVersion(), challenge, app_id, //
|
||||||
sw_enforced, hw_enforced, SecLevel(),
|
sw_enforced, hw_enforced, SecLevel(),
|
||||||
attest_key_cert_chain[0].encodedCertificate));
|
attest_key_cert_chain[0].encodedCertificate));
|
||||||
|
|
||||||
|
@ -331,7 +337,7 @@ TEST_P(AttestKeyTest, RsaAttestedAttestKeys) {
|
||||||
uint64_t serial_int2 = 255;
|
uint64_t serial_int2 = 255;
|
||||||
vector<uint8_t> serial_blob2(build_serial_blob(serial_int2));
|
vector<uint8_t> serial_blob2(build_serial_blob(serial_int2));
|
||||||
|
|
||||||
EXPECT_EQ(ErrorCode::OK,
|
ASSERT_EQ(ErrorCode::OK,
|
||||||
GenerateKey(AuthorizationSetBuilder()
|
GenerateKey(AuthorizationSetBuilder()
|
||||||
.RsaSigningKey(2048, 65537)
|
.RsaSigningKey(2048, 65537)
|
||||||
.Authorization(TAG_NO_AUTH_REQUIRED)
|
.Authorization(TAG_NO_AUTH_REQUIRED)
|
||||||
|
@ -344,9 +350,11 @@ TEST_P(AttestKeyTest, RsaAttestedAttestKeys) {
|
||||||
&attested_key_cert_chain));
|
&attested_key_cert_chain));
|
||||||
KeyBlobDeleter attested_deleter(keymint_, attested_key_blob);
|
KeyBlobDeleter attested_deleter(keymint_, attested_key_blob);
|
||||||
|
|
||||||
|
ASSERT_GT(attested_key_cert_chain.size(), 0);
|
||||||
|
|
||||||
AuthorizationSet hw_enforced2 = HwEnforcedAuthorizations(attested_key_characteristics);
|
AuthorizationSet hw_enforced2 = HwEnforcedAuthorizations(attested_key_characteristics);
|
||||||
AuthorizationSet sw_enforced2 = SwEnforcedAuthorizations(attested_key_characteristics);
|
AuthorizationSet sw_enforced2 = SwEnforcedAuthorizations(attested_key_characteristics);
|
||||||
EXPECT_TRUE(verify_attestation_record(AidlVersion(), "foo", "bar", sw_enforced2, hw_enforced2,
|
ASSERT_TRUE(verify_attestation_record(AidlVersion(), "foo", "bar", sw_enforced2, hw_enforced2,
|
||||||
SecLevel(),
|
SecLevel(),
|
||||||
attested_key_cert_chain[0].encodedCertificate));
|
attested_key_cert_chain[0].encodedCertificate));
|
||||||
|
|
||||||
|
@ -414,7 +422,7 @@ TEST_P(AttestKeyTest, RsaAttestKeyChaining) {
|
||||||
AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
|
AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
|
||||||
AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
|
AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
|
||||||
ASSERT_GT(cert_chain_list[i].size(), 0);
|
ASSERT_GT(cert_chain_list[i].size(), 0);
|
||||||
EXPECT_TRUE(verify_attestation_record(AidlVersion(), "foo", "bar", sw_enforced, hw_enforced,
|
ASSERT_TRUE(verify_attestation_record(AidlVersion(), "foo", "bar", sw_enforced, hw_enforced,
|
||||||
SecLevel(),
|
SecLevel(),
|
||||||
cert_chain_list[i][0].encodedCertificate));
|
cert_chain_list[i][0].encodedCertificate));
|
||||||
|
|
||||||
|
@ -489,7 +497,7 @@ TEST_P(AttestKeyTest, EcAttestKeyChaining) {
|
||||||
AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
|
AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
|
||||||
AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
|
AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
|
||||||
ASSERT_GT(cert_chain_list[i].size(), 0);
|
ASSERT_GT(cert_chain_list[i].size(), 0);
|
||||||
EXPECT_TRUE(verify_attestation_record(AidlVersion(), "foo", "bar", sw_enforced, hw_enforced,
|
ASSERT_TRUE(verify_attestation_record(AidlVersion(), "foo", "bar", sw_enforced, hw_enforced,
|
||||||
SecLevel(),
|
SecLevel(),
|
||||||
cert_chain_list[i][0].encodedCertificate));
|
cert_chain_list[i][0].encodedCertificate));
|
||||||
|
|
||||||
|
@ -605,7 +613,7 @@ TEST_P(AttestKeyTest, AlternateAttestKeyChaining) {
|
||||||
AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
|
AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
|
||||||
AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
|
AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
|
||||||
ASSERT_GT(cert_chain_list[i].size(), 0);
|
ASSERT_GT(cert_chain_list[i].size(), 0);
|
||||||
EXPECT_TRUE(verify_attestation_record(AidlVersion(), "foo", "bar", sw_enforced, hw_enforced,
|
ASSERT_TRUE(verify_attestation_record(AidlVersion(), "foo", "bar", sw_enforced, hw_enforced,
|
||||||
SecLevel(),
|
SecLevel(),
|
||||||
cert_chain_list[i][0].encodedCertificate));
|
cert_chain_list[i][0].encodedCertificate));
|
||||||
|
|
||||||
|
@ -655,7 +663,7 @@ TEST_P(AttestKeyTest, MissingChallenge) {
|
||||||
vector<uint8_t> attested_key_blob;
|
vector<uint8_t> attested_key_blob;
|
||||||
vector<KeyCharacteristics> attested_key_characteristics;
|
vector<KeyCharacteristics> attested_key_characteristics;
|
||||||
vector<Certificate> attested_key_cert_chain;
|
vector<Certificate> attested_key_cert_chain;
|
||||||
EXPECT_EQ(ErrorCode::ATTESTATION_CHALLENGE_MISSING,
|
ASSERT_EQ(ErrorCode::ATTESTATION_CHALLENGE_MISSING,
|
||||||
GenerateKey(AuthorizationSetBuilder()
|
GenerateKey(AuthorizationSetBuilder()
|
||||||
.RsaSigningKey(2048, 65537)
|
.RsaSigningKey(2048, 65537)
|
||||||
.Authorization(TAG_NO_AUTH_REQUIRED)
|
.Authorization(TAG_NO_AUTH_REQUIRED)
|
||||||
|
@ -664,7 +672,7 @@ TEST_P(AttestKeyTest, MissingChallenge) {
|
||||||
attest_key, &attested_key_blob, &attested_key_characteristics,
|
attest_key, &attested_key_blob, &attested_key_characteristics,
|
||||||
&attested_key_cert_chain));
|
&attested_key_cert_chain));
|
||||||
|
|
||||||
EXPECT_EQ(ErrorCode::ATTESTATION_CHALLENGE_MISSING,
|
ASSERT_EQ(ErrorCode::ATTESTATION_CHALLENGE_MISSING,
|
||||||
GenerateKey(AuthorizationSetBuilder()
|
GenerateKey(AuthorizationSetBuilder()
|
||||||
.EcdsaSigningKey(EcCurve::P_256)
|
.EcdsaSigningKey(EcCurve::P_256)
|
||||||
.Authorization(TAG_NO_AUTH_REQUIRED)
|
.Authorization(TAG_NO_AUTH_REQUIRED)
|
||||||
|
@ -702,7 +710,7 @@ TEST_P(AttestKeyTest, AllEcCurves) {
|
||||||
vector<uint8_t> attested_key_blob;
|
vector<uint8_t> attested_key_blob;
|
||||||
vector<KeyCharacteristics> attested_key_characteristics;
|
vector<KeyCharacteristics> attested_key_characteristics;
|
||||||
vector<Certificate> attested_key_cert_chain;
|
vector<Certificate> attested_key_cert_chain;
|
||||||
EXPECT_EQ(ErrorCode::OK,
|
ASSERT_EQ(ErrorCode::OK,
|
||||||
GenerateKey(AuthorizationSetBuilder()
|
GenerateKey(AuthorizationSetBuilder()
|
||||||
.RsaSigningKey(2048, 65537)
|
.RsaSigningKey(2048, 65537)
|
||||||
.Authorization(TAG_NO_AUTH_REQUIRED)
|
.Authorization(TAG_NO_AUTH_REQUIRED)
|
||||||
|
@ -717,7 +725,7 @@ TEST_P(AttestKeyTest, AllEcCurves) {
|
||||||
|
|
||||||
AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
|
AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
|
||||||
AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
|
AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
|
||||||
EXPECT_TRUE(verify_attestation_record(AidlVersion(), "foo", "bar", sw_enforced, hw_enforced,
|
ASSERT_TRUE(verify_attestation_record(AidlVersion(), "foo", "bar", sw_enforced, hw_enforced,
|
||||||
SecLevel(),
|
SecLevel(),
|
||||||
attested_key_cert_chain[0].encodedCertificate));
|
attested_key_cert_chain[0].encodedCertificate));
|
||||||
|
|
||||||
|
@ -733,7 +741,7 @@ TEST_P(AttestKeyTest, AllEcCurves) {
|
||||||
/*
|
/*
|
||||||
* Use attestation key to sign EC key
|
* Use attestation key to sign EC key
|
||||||
*/
|
*/
|
||||||
EXPECT_EQ(ErrorCode::OK,
|
ASSERT_EQ(ErrorCode::OK,
|
||||||
GenerateKey(AuthorizationSetBuilder()
|
GenerateKey(AuthorizationSetBuilder()
|
||||||
.EcdsaSigningKey(EcCurve::P_256)
|
.EcdsaSigningKey(EcCurve::P_256)
|
||||||
.Authorization(TAG_NO_AUTH_REQUIRED)
|
.Authorization(TAG_NO_AUTH_REQUIRED)
|
||||||
|
@ -748,7 +756,7 @@ TEST_P(AttestKeyTest, AllEcCurves) {
|
||||||
|
|
||||||
hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
|
hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
|
||||||
sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
|
sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
|
||||||
EXPECT_TRUE(verify_attestation_record(AidlVersion(), "foo", "bar", sw_enforced, hw_enforced,
|
ASSERT_TRUE(verify_attestation_record(AidlVersion(), "foo", "bar", sw_enforced, hw_enforced,
|
||||||
SecLevel(),
|
SecLevel(),
|
||||||
attested_key_cert_chain[0].encodedCertificate));
|
attested_key_cert_chain[0].encodedCertificate));
|
||||||
|
|
||||||
|
@ -786,7 +794,7 @@ TEST_P(AttestKeyTest, AttestWithNonAttestKey) {
|
||||||
vector<uint8_t> attested_key_blob;
|
vector<uint8_t> attested_key_blob;
|
||||||
vector<KeyCharacteristics> attested_key_characteristics;
|
vector<KeyCharacteristics> attested_key_characteristics;
|
||||||
vector<Certificate> attested_key_cert_chain;
|
vector<Certificate> attested_key_cert_chain;
|
||||||
EXPECT_EQ(ErrorCode::INCOMPATIBLE_PURPOSE,
|
ASSERT_EQ(ErrorCode::INCOMPATIBLE_PURPOSE,
|
||||||
GenerateKey(AuthorizationSetBuilder()
|
GenerateKey(AuthorizationSetBuilder()
|
||||||
.EcdsaSigningKey(EcCurve::P_256)
|
.EcdsaSigningKey(EcCurve::P_256)
|
||||||
.Authorization(TAG_NO_AUTH_REQUIRED)
|
.Authorization(TAG_NO_AUTH_REQUIRED)
|
||||||
|
@ -881,6 +889,7 @@ TEST_P(AttestKeyTest, EcdsaAttestationID) {
|
||||||
}
|
}
|
||||||
|
|
||||||
ASSERT_EQ(result, ErrorCode::OK);
|
ASSERT_EQ(result, ErrorCode::OK);
|
||||||
|
ASSERT_GT(attested_key_cert_chain.size(), 0);
|
||||||
KeyBlobDeleter attested_deleter(keymint_, attested_key_blob);
|
KeyBlobDeleter attested_deleter(keymint_, attested_key_blob);
|
||||||
|
|
||||||
AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
|
AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
|
||||||
|
@ -891,7 +900,7 @@ TEST_P(AttestKeyTest, EcdsaAttestationID) {
|
||||||
// attestation extension should contain them, so make sure the extra tag is added.
|
// attestation extension should contain them, so make sure the extra tag is added.
|
||||||
hw_enforced.push_back(tag);
|
hw_enforced.push_back(tag);
|
||||||
|
|
||||||
EXPECT_TRUE(verify_attestation_record(AidlVersion(), "challenge", "foo", sw_enforced,
|
ASSERT_TRUE(verify_attestation_record(AidlVersion(), "challenge", "foo", sw_enforced,
|
||||||
hw_enforced, SecLevel(),
|
hw_enforced, SecLevel(),
|
||||||
attested_key_cert_chain[0].encodedCertificate));
|
attested_key_cert_chain[0].encodedCertificate));
|
||||||
}
|
}
|
||||||
|
@ -1011,6 +1020,7 @@ TEST_P(AttestKeyTest, SecondIMEIAttestationIDSuccess) {
|
||||||
}
|
}
|
||||||
|
|
||||||
ASSERT_EQ(result, ErrorCode::OK);
|
ASSERT_EQ(result, ErrorCode::OK);
|
||||||
|
ASSERT_GT(attested_key_cert_chain.size(), 0);
|
||||||
KeyBlobDeleter attested_deleter(keymint_, attested_key_blob);
|
KeyBlobDeleter attested_deleter(keymint_, attested_key_blob);
|
||||||
|
|
||||||
AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
|
AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
|
||||||
|
@ -1023,7 +1033,7 @@ TEST_P(AttestKeyTest, SecondIMEIAttestationIDSuccess) {
|
||||||
KeyParameter imei_tag = Authorization(TAG_ATTESTATION_ID_SECOND_IMEI, imei_blob);
|
KeyParameter imei_tag = Authorization(TAG_ATTESTATION_ID_SECOND_IMEI, imei_blob);
|
||||||
hw_enforced.push_back(imei_tag);
|
hw_enforced.push_back(imei_tag);
|
||||||
|
|
||||||
EXPECT_TRUE(verify_attestation_record(AidlVersion(), "challenge", "foo", sw_enforced,
|
ASSERT_TRUE(verify_attestation_record(AidlVersion(), "challenge", "foo", sw_enforced,
|
||||||
hw_enforced, SecLevel(),
|
hw_enforced, SecLevel(),
|
||||||
attested_key_cert_chain[0].encodedCertificate));
|
attested_key_cert_chain[0].encodedCertificate));
|
||||||
}
|
}
|
||||||
|
@ -1088,6 +1098,7 @@ TEST_P(AttestKeyTest, MultipleIMEIAttestationIDSuccess) {
|
||||||
}
|
}
|
||||||
|
|
||||||
ASSERT_EQ(result, ErrorCode::OK);
|
ASSERT_EQ(result, ErrorCode::OK);
|
||||||
|
ASSERT_GT(attested_key_cert_chain.size(), 0);
|
||||||
KeyBlobDeleter attested_deleter(keymint_, attested_key_blob);
|
KeyBlobDeleter attested_deleter(keymint_, attested_key_blob);
|
||||||
|
|
||||||
AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
|
AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
|
||||||
|
@ -1103,7 +1114,7 @@ TEST_P(AttestKeyTest, MultipleIMEIAttestationIDSuccess) {
|
||||||
KeyParameter sec_imei_tag = Authorization(TAG_ATTESTATION_ID_SECOND_IMEI, sec_imei_blob);
|
KeyParameter sec_imei_tag = Authorization(TAG_ATTESTATION_ID_SECOND_IMEI, sec_imei_blob);
|
||||||
hw_enforced.push_back(sec_imei_tag);
|
hw_enforced.push_back(sec_imei_tag);
|
||||||
|
|
||||||
EXPECT_TRUE(verify_attestation_record(AidlVersion(), "challenge", "foo", sw_enforced,
|
ASSERT_TRUE(verify_attestation_record(AidlVersion(), "challenge", "foo", sw_enforced,
|
||||||
hw_enforced, SecLevel(),
|
hw_enforced, SecLevel(),
|
||||||
attested_key_cert_chain[0].encodedCertificate));
|
attested_key_cert_chain[0].encodedCertificate));
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue