KeyMint vts: Correct the EC curve parameter and some return code

Strongbox doens't support p-224. Change the curve to p-256 for better compatibility. Also update the tags to be filtered on the hw-enforcement list. Change-Id: I3f587c5471ca68b88a565ee9ec2e27d1e9e11b17
author: Tommy Chiu <tommychiu@google.com> 2021-05-11 18:36:50 +0800
committer: Tommy Chiu <tommychiu@google.com> 2021-05-12 19:13:55 +0800
commit: c93c439ad3c7553badc21e9e9f6dc10e5b13b970 (patch)
tree: 15fd7f851d5d4dc3c26466df4e8671e23d9db65b /security/keymint/aidl/vts/functional/AttestKeyTest.cpp
parent: 566d1cb6e0eb2c1da8f11d3f850135d7d5f13dba (diff)
1 files changed, 4 insertions, 4 deletions
diff --git a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
index 881354d41d..e4a877c0cb 100644
--- a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
+++ b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
@@ -361,7 +361,7 @@ TEST_P(AttestKeyTest, EcAttestKeyChaining) {
 
         EXPECT_EQ(ErrorCode::OK,
                   GenerateKey(AuthorizationSetBuilder()
-                                      .EcdsaSigningKey(224)
+                                      .EcdsaSigningKey(EcCurve::P_256)
                                       .AttestKey()
                                       .AttestationChallenge("foo")
                                       .AttestationApplicationId("bar")
@@ -435,7 +435,7 @@ TEST_P(AttestKeyTest, AlternateAttestKeyChaining) {
         if ((i & 0x1) == 1) {
             EXPECT_EQ(ErrorCode::OK,
                       GenerateKey(AuthorizationSetBuilder()
-                                          .EcdsaSigningKey(224)
+                                          .EcdsaSigningKey(EcCurve::P_256)
                                           .AttestKey()
                                           .AttestationChallenge("foo")
                                           .AttestationApplicationId("bar")
@@ -513,7 +513,7 @@ TEST_P(AttestKeyTest, MissingChallenge) {
         vector<uint8_t> attested_key_blob;
         vector<KeyCharacteristics> attested_key_characteristics;
         vector<Certificate> attested_key_cert_chain;
-        EXPECT_EQ(ErrorCode::INVALID_ARGUMENT,
+        EXPECT_EQ(ErrorCode::ATTESTATION_CHALLENGE_MISSING,
                   GenerateKey(AuthorizationSetBuilder()
                                       .RsaSigningKey(2048, 65537)
                                       .Authorization(TAG_NO_AUTH_REQUIRED)
@@ -522,7 +522,7 @@ TEST_P(AttestKeyTest, MissingChallenge) {
                               attest_key, &attested_key_blob, &attested_key_characteristics,
                               &attested_key_cert_chain));
 
-        EXPECT_EQ(ErrorCode::INVALID_ARGUMENT,
+        EXPECT_EQ(ErrorCode::ATTESTATION_CHALLENGE_MISSING,
                   GenerateKey(AuthorizationSetBuilder()
                                       .EcdsaSigningKey(EcCurve::P_256)
                                       .Authorization(TAG_NO_AUTH_REQUIRED)
author	Tommy Chiu <tommychiu@google.com>	2021-05-11 18:36:50 +0800
committer	Tommy Chiu <tommychiu@google.com>	2021-05-12 19:13:55 +0800
commit	c93c439ad3c7553badc21e9e9f6dc10e5b13b970 (patch)
tree	15fd7f851d5d4dc3c26466df4e8671e23d9db65b /security/keymint/aidl/vts/functional/AttestKeyTest.cpp
parent	566d1cb6e0eb2c1da8f11d3f850135d7d5f13dba (diff)