diff options
| author | Scott Lobdell <slobdell@google.com> | 2021-06-04 18:02:44 +0000 |
|---|---|---|
| committer | Scott Lobdell <slobdell@google.com> | 2021-06-04 18:02:44 +0000 |
| commit | c85bde0398d2a185e66a61cdabd26e5435bb4807 (patch) | |
| tree | 3d9efc2d95fccc971f519d1d323a19a4621683cd /security/keymint/aidl/vts/functional/AttestKeyTest.cpp | |
| parent | a01a9128380dad45a28f4740a57136a058eb9d12 (diff) | |
| parent | e013dd1a8b8f0df65b20c4de224effa1a7fcc61b (diff) | |
Merge SP1A.210604.001
Change-Id: I78feee65e602d45bb0e3e90536729623b0f3d4f5
Diffstat (limited to 'security/keymint/aidl/vts/functional/AttestKeyTest.cpp')
| -rw-r--r-- | security/keymint/aidl/vts/functional/AttestKeyTest.cpp | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp index 881354d41d..b8699e9d50 100644 --- a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp +++ b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp @@ -180,7 +180,9 @@ TEST_P(AttestKeyTest, RsaAttestedAttestKeys) { auto subject = "cert subj 2"; vector<uint8_t> subject_der(make_name_from_str(subject)); - uint64_t serial_int = 66; + // An X.509 certificate serial number SHOULD be >0, but this is not policed. Check + // that a zero value doesn't cause problems. + uint64_t serial_int = 0; vector<uint8_t> serial_blob(build_serial_blob(serial_int)); /* @@ -223,7 +225,7 @@ TEST_P(AttestKeyTest, RsaAttestedAttestKeys) { auto subject2 = "cert subject"; vector<uint8_t> subject_der2(make_name_from_str(subject2)); - uint64_t serial_int2 = 987; + uint64_t serial_int2 = 255; vector<uint8_t> serial_blob2(build_serial_blob(serial_int2)); EXPECT_EQ(ErrorCode::OK, @@ -361,7 +363,7 @@ TEST_P(AttestKeyTest, EcAttestKeyChaining) { EXPECT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() - .EcdsaSigningKey(224) + .EcdsaSigningKey(EcCurve::P_256) .AttestKey() .AttestationChallenge("foo") .AttestationApplicationId("bar") @@ -435,7 +437,7 @@ TEST_P(AttestKeyTest, AlternateAttestKeyChaining) { if ((i & 0x1) == 1) { EXPECT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() - .EcdsaSigningKey(224) + .EcdsaSigningKey(EcCurve::P_256) .AttestKey() .AttestationChallenge("foo") .AttestationApplicationId("bar") @@ -513,7 +515,7 @@ TEST_P(AttestKeyTest, MissingChallenge) { vector<uint8_t> attested_key_blob; vector<KeyCharacteristics> attested_key_characteristics; vector<Certificate> attested_key_cert_chain; - EXPECT_EQ(ErrorCode::INVALID_ARGUMENT, + EXPECT_EQ(ErrorCode::ATTESTATION_CHALLENGE_MISSING, GenerateKey(AuthorizationSetBuilder() .RsaSigningKey(2048, 65537) .Authorization(TAG_NO_AUTH_REQUIRED) @@ -522,7 +524,7 @@ TEST_P(AttestKeyTest, MissingChallenge) { attest_key, &attested_key_blob, &attested_key_characteristics, &attested_key_cert_chain)); - EXPECT_EQ(ErrorCode::INVALID_ARGUMENT, + EXPECT_EQ(ErrorCode::ATTESTATION_CHALLENGE_MISSING, GenerateKey(AuthorizationSetBuilder() .EcdsaSigningKey(EcCurve::P_256) .Authorization(TAG_NO_AUTH_REQUIRED) |