authorLinux Build Service Account <lnxbuild@localhost>2023-06-07 17:30:05 -0700
committerLinux Build Service Account <lnxbuild@localhost>2023-06-07 17:30:05 -0700
commit4b1a56904ffaeaba1beb00b8449d88625879232e (patch)
tree4162e52ce313236e90778ff33902a21674bb82c7 /security/keymint/aidl/vts/functional/AttestKeyTest.cpp
parente0e0f04e4e2e35544b69d201dc76a66207832535 (diff)
parent0786ab71425f1021f118b461ede72a4d6727a9f6 (diff)
Merge 0786ab71425f1021f118b461ede72a4d6727a9f6 on remote branch
Change-Id: I3cdb3f7443c4ee7361dc9a79a15122e8dd1340f8
Diffstat (limited to 'security/keymint/aidl/vts/functional/AttestKeyTest.cpp')
-rw-r--r--security/keymint/aidl/vts/functional/AttestKeyTest.cpp103
1 files changed, 11 insertions, 92 deletions
diff --git a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
index e759123334..a868c966e6 100644
--- a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
+++ b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
@@ -80,7 +80,13 @@ string get_imei(int slot) {
return "";
}
- return ::android::base::Trim(out[0]);
+ string imei = ::android::base::Trim(out[0]);
+ if (imei.compare("null") == 0) {
+ LOG(ERROR) << "Error in getting IMEI from Telephony service: value is null. Cmd: " << cmd;
+ return "";
+ }
+
+ return imei;
}
} // namespace
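Review bot: get_imei now returns "" both when the query fails and when Telephony answers with the literal `null`, and the callers in the SecondIMEIAttestationIDSuccess and MultipleIMEIAttestationIDSuccess hunks turn either case into GTEST_SKIP, so a device whose telephony service misbehaves would skip the IMEI attestation-ID checks rather than fail them. That contract should at least be written down above the function, e.g. `// Returns the trimmed IMEI for |slot|, or "" if the query failed or Telephony reported "null".`. A missing second IMEI is presumably normal on single-SIM devices, so LOG(ERROR) may be louder than this case deserves; the comparison also reads more directly as `if (imei == "null")`. The start of get_imei lies outside the hunk.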
@@ -88,96 +94,9 @@ string get_imei(int slot) {
class AttestKeyTest : public KeyMintAidlTestBase {
public:
void SetUp() override {
- check_skip_test();
+ skipAttestKeyTest();
KeyMintAidlTestBase::SetUp();
}
-
- protected:
- const string FEATURE_KEYSTORE_APP_ATTEST_KEY = "android.hardware.keystore.app_attest_key";
-
- const string FEATURE_STRONGBOX_KEYSTORE = "android.hardware.strongbox_keystore";
-
- ErrorCode GenerateAttestKey(const AuthorizationSet& key_desc,
- const optional<AttestationKey>& attest_key,
- vector<uint8_t>* key_blob,
- vector<KeyCharacteristics>* key_characteristics,
- vector<Certificate>* cert_chain) {
- // The original specification for KeyMint v1 required ATTEST_KEY not be combined
- // with any other key purpose, but the original VTS tests incorrectly did exactly that.
- // This means that a device that launched prior to Android T (API level 33) may
- // accept or even require KeyPurpose::SIGN too.
- if (property_get_int32("ro.board.first_api_level", 0) < __ANDROID_API_T__) {
- AuthorizationSet key_desc_plus_sign = key_desc;
- key_desc_plus_sign.push_back(TAG_PURPOSE, KeyPurpose::SIGN);
-
- auto result = GenerateKey(key_desc_plus_sign, attest_key, key_blob, key_characteristics,
- cert_chain);
- if (result == ErrorCode::OK) {
- return result;
- }
- // If the key generation failed, it may be because the device is (correctly)
- // rejecting the combination of ATTEST_KEY+SIGN. Fall through to try again with
- // just ATTEST_KEY.
- }
- return GenerateKey(key_desc, attest_key, key_blob, key_characteristics, cert_chain);
- }
-
- // Check if ATTEST_KEY feature is disabled
- bool is_attest_key_feature_disabled(void) const {
- if (!check_feature(FEATURE_KEYSTORE_APP_ATTEST_KEY)) {
- GTEST_LOG_(INFO) << "Feature " + FEATURE_KEYSTORE_APP_ATTEST_KEY + " is disabled";
- return true;
- }
-
- return false;
- }
-
- // Check if StrongBox KeyStore is enabled
- bool is_strongbox_enabled(void) const {
- if (check_feature(FEATURE_STRONGBOX_KEYSTORE)) {
- GTEST_LOG_(INFO) << "Feature " + FEATURE_STRONGBOX_KEYSTORE + " is enabled";
- return true;
- }
-
- return false;
- }
-
- // Check if chipset has received a waiver allowing it to be launched with Android S or T with
- // Keymaster 4.0 in StrongBox.
- bool is_chipset_allowed_km4_strongbox(void) const {
- std::array<char, PROPERTY_VALUE_MAX> buffer;
-
- const int32_t first_api_level = property_get_int32("ro.board.first_api_level", 0);
- if (first_api_level <= 0 || first_api_level > __ANDROID_API_T__) return false;
-
- auto res = property_get("ro.vendor.qti.soc_model", buffer.data(), nullptr);
- if (res <= 0) return false;
-
- const string allowed_soc_models[] = {"SM8450", "SM8475", "SM8550", "SXR2230P"};
-
- for (const string model : allowed_soc_models) {
- if (model.compare(buffer.data()) == 0) {
- GTEST_LOG_(INFO) << "QTI SOC Model " + model + " is allowed SB KM 4.0";
- return true;
- }
- }
-
- return false;
- }
-
- // Skip the test if all the following conditions hold:
- // 1. ATTEST_KEY feature is disabled
- // 2. STRONGBOX is enabled
- // 3. The device is running one of the chipsets that have received a waiver
- // allowing it to be launched with Android S (or later) with Keymaster 4.0
- // in StrongBox
- void check_skip_test(void) const {
- // Check the chipset first as that doesn't require a round-trip to Package Manager.
- if (is_chipset_allowed_km4_strongbox() && is_strongbox_enabled() &&
- is_attest_key_feature_disabled()) {
- GTEST_SKIP() << "Test is not applicable";
- }
- }
};
/*
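Review bot: In SetUp, `KeyMintAidlTestBase::SetUp()` still runs after `skipAttestKeyTest()` even when the helper has marked the test as skipped, because a GTEST_SKIP() issued inside a helper returns only from that helper. This is inferred from the removed check_skip_test, since skipAttestKeyTest is defined outside this file's diff. Adding `if (IsSkipped()) return;` between the two calls would avoid setting up the KeyMint connection for a test that will not run, provided the base TearDown tolerates a SetUp that never ran. The helper is also camelCase next to snake_case names such as get_imei, so it is worth confirming that this matches the base class convention.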
@@ -1059,7 +978,7 @@ TEST_P(AttestKeyTest, SecondIMEIAttestationIDSuccess) {
// Skip the test if there is no second IMEI exists.
string second_imei = get_imei(1);
- if (second_imei.empty() || second_imei.compare("null") == 0) {
+ if (second_imei.empty()) {
GTEST_SKIP() << "Test not applicable as there is no second IMEI";
}
@@ -1137,13 +1056,13 @@ TEST_P(AttestKeyTest, MultipleIMEIAttestationIDSuccess) {
// Skip the test if there is no first IMEI exists.
string imei = get_imei(0);
- if (imei.empty() || imei.compare("null") == 0) {
+ if (imei.empty()) {
GTEST_SKIP() << "Test not applicable as there is no first IMEI";
}
// Skip the test if there is no second IMEI exists.
string second_imei = get_imei(1);
- if (second_imei.empty() || second_imei.compare("null") == 0) {
+ if (second_imei.empty()) {
GTEST_SKIP() << "Test not applicable as there is no second IMEI";
}