summaryrefslogtreecommitdiff
path: root/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
diff options
context:
space:
mode:
authorandroid-build-team Robot <android-build-team-robot@google.com>2021-04-03 03:06:39 +0000
committerandroid-build-team Robot <android-build-team-robot@google.com>2021-04-03 03:06:39 +0000
commite58dfd999e19e6661e24260b1f7f1d276133cb22 (patch)
tree8bb59bf270f47ef887ed46baf958dd21c8130162 /security/keymint/aidl/vts/functional/AttestKeyTest.cpp
parent39b1cd4e7560aaa826c8f8220f365eb5494d5f45 (diff)
parent098b1e4e506ede16710c3b8f003ad0be62969e8c (diff)
Snap for 7256110 from 098b1e4e506ede16710c3b8f003ad0be62969e8c to sc-release
Change-Id: Iecfcd27d50c7b6bdb5d8eb8ac984746c24eb8b98
Diffstat (limited to 'security/keymint/aidl/vts/functional/AttestKeyTest.cpp')
-rw-r--r--security/keymint/aidl/vts/functional/AttestKeyTest.cpp30
1 files changed, 30 insertions, 0 deletions
diff --git a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
index 1e907dbbee..daa3e1871f 100644
--- a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
+++ b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
@@ -207,6 +207,36 @@ TEST_P(AttestKeyTest, AllEcCurves) {
}
}
+TEST_P(AttestKeyTest, AttestWithNonAttestKey) {
+ // Create non-attestaton key.
+ AttestationKey non_attest_key;
+ vector<KeyCharacteristics> non_attest_key_characteristics;
+ vector<Certificate> non_attest_key_cert_chain;
+ ASSERT_EQ(
+ ErrorCode::OK,
+ GenerateKey(
+ AuthorizationSetBuilder().EcdsaSigningKey(EcCurve::P_256).SetDefaultValidity(),
+ {} /* attestation siging key */, &non_attest_key.keyBlob,
+ &non_attest_key_characteristics, &non_attest_key_cert_chain));
+
+ EXPECT_EQ(non_attest_key_cert_chain.size(), 1);
+ EXPECT_TRUE(IsSelfSigned(non_attest_key_cert_chain));
+
+ // Attempt to sign attestation with non-attest key.
+ vector<uint8_t> attested_key_blob;
+ vector<KeyCharacteristics> attested_key_characteristics;
+ vector<Certificate> attested_key_cert_chain;
+ EXPECT_EQ(ErrorCode::INCOMPATIBLE_PURPOSE,
+ GenerateKey(AuthorizationSetBuilder()
+ .EcdsaSigningKey(EcCurve::P_256)
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .AttestationChallenge("foo")
+ .AttestationApplicationId("bar")
+ .SetDefaultValidity(),
+ non_attest_key, &attested_key_blob, &attested_key_characteristics,
+ &attested_key_cert_chain));
+}
+
INSTANTIATE_KEYMINT_AIDL_TEST(AttestKeyTest);
} // namespace aidl::android::hardware::security::keymint::test
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-04 04:09:29 +0000