tequilaOS/platform_hardware_interfaces
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "Prevent test crashes if device sets invalid curve" am: ceedbb0d1a

Browse source 
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2020155

Change-Id: I8ca787e6f309d430b3859909d9c951a6511cc242
This commit is contained in:
David Drysdale 2022-03-15 08:06:22 +00:00 committed by Automerger Merge Worker
commit cd2af34d63
2 changed files with 9 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp
View file

@ -363,7 +363,7 @@ class CertificateRequestTest : public VtsRemotelyProvisionedComponentTests {
void generateTestEekChain(size_t eekLength) {
auto chain = generateEekChain(rpcHardwareInfo.supportedEekCurve, eekLength, eekId_);
EXPECT_TRUE(chain) << chain.message();
ASSERT_TRUE(chain) << chain.message();
if (chain) testEekChain_ = chain.moveValue();
testEekLength_ = eekLength;
}
@ -669,7 +669,9 @@ TEST_P(CertificateRequestTest, DISABLED_NonEmptyRequest_prodMode) {
TEST_P(CertificateRequestTest, NonEmptyRequestCorruptMac_testMode) {
bool testMode = true;
generateKeys(testMode, 1 /* numKeys */);
MacedPublicKey keyWithCorruptMac = corrupt_maced_key(keysToSign_[0]).moveValue();
auto result = corrupt_maced_key(keysToSign_[0]);
ASSERT_TRUE(result) << result.moveMessage();
MacedPublicKey keyWithCorruptMac = result.moveValue();
bytevec keysToSignMac;
DeviceInfo deviceInfo;
@ -688,7 +690,9 @@ TEST_P(CertificateRequestTest, NonEmptyRequestCorruptMac_testMode) {
TEST_P(CertificateRequestTest, NonEmptyRequestCorruptMac_prodMode) {
bool testMode = false;
generateKeys(testMode, 1 /* numKeys */);
MacedPublicKey keyWithCorruptMac = corrupt_maced_key(keysToSign_[0]).moveValue();
auto result = corrupt_maced_key(keysToSign_[0]);
ASSERT_TRUE(result) << result.moveMessage();
MacedPublicKey keyWithCorruptMac = result.moveValue();
bytevec keysToSignMac;
DeviceInfo deviceInfo;

4
security/keymint/support/remote_prov_utils.cpp
View file

@ -225,7 +225,7 @@ ErrMsgOr<EekChain> generateEekChain(int32_t supportedEekCurve, size_t length,
bytevec prev_priv_key;
for (size_t i = 0; i < length - 1; ++i) {
auto keyPair = generateKeyPair(supportedEekCurve, false);
if (!keyPair) keyPair.moveMessage();
if (!keyPair) return keyPair.moveMessage();
auto [pub_key, priv_key] = keyPair.moveValue();
// The first signing key is self-signed.
@ -242,7 +242,7 @@ ErrMsgOr<EekChain> generateEekChain(int32_t supportedEekCurve, size_t length,
prev_priv_key = priv_key;
}
auto keyPair = generateKeyPair(supportedEekCurve, true);
if (!keyPair) keyPair.moveMessage();
if (!keyPair) return keyPair.moveMessage();
auto [pub_key, priv_key] = keyPair.moveValue();
auto coseKey = constructCoseKey(supportedEekCurve, eekId, pub_key);