diff options
| author | Andy Quan <andyq@google.com> | 2023-06-02 14:50:13 -0700 |
|---|---|---|
| committer | Andy Quan <andyq@google.com> | 2023-06-02 14:50:13 -0700 |
| commit | d62835f99043f85ecfc1d7283add550b047068f9 (patch) | |
| tree | 9f13793d31ef6c216531cc322e5780fe38a84fbe /security/keymint/aidl/vts/functional/AttestKeyTest.cpp | |
| parent | 9f3a2e40bf3ca1e866f5c6ec774620b05a06439b (diff) | |
| parent | 8c308539d804a6efb2272e4c9e73407241966f34 (diff) | |
DO NOT MERGE - Merge tm-qpr3-release TQ3A.230605.010 into tm-platform-merge
Bug: 279962103
Change-Id: I1192811ddd629eab6b0ddfc9c04ff4cf63685346
Diffstat (limited to 'security/keymint/aidl/vts/functional/AttestKeyTest.cpp')
| -rw-r--r-- | security/keymint/aidl/vts/functional/AttestKeyTest.cpp | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp index ca517ac61c..b9968f8afc 100644 --- a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp +++ b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp @@ -35,7 +35,17 @@ bool IsSelfSigned(const vector<Certificate>& chain) { } // namespace class AttestKeyTest : public KeyMintAidlTestBase { + public: + void SetUp() override { + check_skip_test(); + KeyMintAidlTestBase::SetUp(); + } + protected: + const string FEATURE_KEYSTORE_APP_ATTEST_KEY = "android.hardware.keystore.app_attest_key"; + + const string FEATURE_STRONGBOX_KEYSTORE = "android.hardware.strongbox_keystore"; + ErrorCode GenerateAttestKey(const AuthorizationSet& key_desc, const optional<AttestationKey>& attest_key, vector<uint8_t>* key_blob, @@ -60,6 +70,59 @@ class AttestKeyTest : public KeyMintAidlTestBase { } return GenerateKey(key_desc, attest_key, key_blob, key_characteristics, cert_chain); } + + // Check if ATTEST_KEY feature is disabled + bool is_attest_key_feature_disabled(void) const { + if (!check_feature(FEATURE_KEYSTORE_APP_ATTEST_KEY)) { + GTEST_LOG_(INFO) << "Feature " + FEATURE_KEYSTORE_APP_ATTEST_KEY + " is disabled"; + return true; + } + + return false; + } + + // Check if StrongBox KeyStore is enabled + bool is_strongbox_enabled(void) const { + if (check_feature(FEATURE_STRONGBOX_KEYSTORE)) { + GTEST_LOG_(INFO) << "Feature " + FEATURE_STRONGBOX_KEYSTORE + " is enabled"; + return true; + } + + return false; + } + + // Check if chipset has received a waiver allowing it to be launched with + // Android S (or later) with Keymaster 4.0 in StrongBox + bool is_chipset_allowed_km4_strongbox(void) const { + std::array<char, PROPERTY_VALUE_MAX> buffer; + + auto res = property_get("ro.vendor.qti.soc_model", buffer.data(), nullptr); + if (res <= 0) return false; + + const string allowed_soc_models[] = {"SM8450", "SM8475", "SM8550", "SXR2230P"}; + + for (const string model : allowed_soc_models) { + if (model.compare(buffer.data()) == 0) { + GTEST_LOG_(INFO) << "QTI SOC Model " + model + " is allowed SB KM 4.0"; + return true; + } + } + + return false; + } + + // Skip the test if all the following conditions hold: + // 1. ATTEST_KEY feature is disabled + // 2. STRONGBOX is enabled + // 3. The device is running one of the chipsets that have received a waiver + // allowing it to be launched with Android S (or later) with Keymaster 4.0 + // in StrongBox + void check_skip_test(void) const { + if (is_attest_key_feature_disabled() && is_strongbox_enabled() && + is_chipset_allowed_km4_strongbox()) { + GTEST_SKIP() << "Test is not applicable"; + } + } }; /* |