From 728336ffa332ee09ff69d8f839a58ccb95357073 Mon Sep 17 00:00:00 2001 From: Tommy Chiu Date: Wed, 8 Feb 2023 14:55:40 +0000 Subject: [PATCH] VTS: Restore 2nd-IMEI tests Enable some tests that are bypassed on strongbox implementation. Bug: 262255219 Test: VtsAidlKeyMintTargetTest Change-Id: I548bddcd16c0a1ee1c1cb8266d4d99dbdff3d39b --- .../aidl/vts/functional/AttestKeyTest.cpp | 18 ++---------------- .../aidl/vts/functional/KeyMintTest.cpp | 7 ------- 2 files changed, 2 insertions(+), 23 deletions(-) diff --git a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp index 8ffc179362..e759123334 100644 --- a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp +++ b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp @@ -1019,12 +1019,8 @@ TEST_P(AttestKeyTest, EcdsaAttestationMismatchID) { .Authorization(TAG_ATTESTATION_ID_MANUFACTURER, "malformed-manufacturer") .Authorization(TAG_ATTESTATION_ID_MODEL, "malicious-model"); - // TODO(b/262255219): Remove this condition when StrongBox supports 2nd IMEI attestation. - if (SecLevel() != SecurityLevel::STRONGBOX) { - if (isSecondImeiIdAttestationRequired()) { - attestation_id_tags.Authorization(TAG_ATTESTATION_ID_SECOND_IMEI, - "invalid-second-imei"); - } + if (isSecondImeiIdAttestationRequired()) { + attestation_id_tags.Authorization(TAG_ATTESTATION_ID_SECOND_IMEI, "invalid-second-imei"); } vector key_blob; vector key_characteristics; @@ -1061,11 +1057,6 @@ TEST_P(AttestKeyTest, SecondIMEIAttestationIDSuccess) { GTEST_SKIP() << "Test not applicable under GSI"; } - // TODO(b/262255219): Remove this condition when StrongBox supports 2nd IMEI attestation. - if (SecLevel() == SecurityLevel::STRONGBOX) { - GTEST_SKIP() << "Test not applicable for SecurityLevel::STRONGBOX"; - } - // Skip the test if there is no second IMEI exists. string second_imei = get_imei(1); if (second_imei.empty() || second_imei.compare("null") == 0) { @@ -1144,11 +1135,6 @@ TEST_P(AttestKeyTest, MultipleIMEIAttestationIDSuccess) { GTEST_SKIP() << "Test not applicable under GSI"; } - // TODO(b/262255219): Remove this condition when StrongBox supports 2nd IMEI attestation. - if (SecLevel() == SecurityLevel::STRONGBOX) { - GTEST_SKIP() << "Test not applicable for SecurityLevel::STRONGBOX"; - } - // Skip the test if there is no first IMEI exists. string imei = get_imei(0); if (imei.empty() || imei.compare("null") == 0) { diff --git a/security/keymint/aidl/vts/functional/KeyMintTest.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp index c45dd3f4f9..9430f123c6 100644 --- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp +++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp @@ -3081,9 +3081,6 @@ TEST_P(SigningOperationsTest, RsaPaddingNoneDoesNotAllowOther) { * presented. */ TEST_P(SigningOperationsTest, NoUserConfirmation) { - if (SecLevel() == SecurityLevel::STRONGBOX) { - GTEST_SKIP() << "Test not applicable to StrongBox device"; - } ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .RsaSigningKey(1024, 65537) .Digest(Digest::NONE) @@ -7788,10 +7785,6 @@ TEST_P(UsageCountLimitTest, TestLimitUseRsa) { * in hardware. */ TEST_P(UsageCountLimitTest, TestSingleUseKeyAndRollbackResistance) { - if (SecLevel() == SecurityLevel::STRONGBOX) { - GTEST_SKIP() << "Test not applicable to StrongBox device"; - } - auto error = GenerateKey(AuthorizationSetBuilder() .RsaSigningKey(2048, 65537) .Digest(Digest::NONE)