Updated the vts attestation tests for strongbox implementations which

do not support factory attestation. Bug: b/219962281 Test: Run vts tests. Change-Id: Ie3f3f33f773227d879e11f11e2ef0eaee33db648
author: subrahmanyaman <subrahmanyaman@google.com> 2022-03-16 01:40:39 +0000
committer: subrahmanyaman <subrahmanyaman@google.com> 2022-03-23 22:27:05 +0000
commit: 7d9bc46f6f26586492f368a877b339eee56f7ffb (patch)
tree: b7984c697c455ce4da93c322e987a4caedd9a257 /security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
parent: 1b51643add17bd9fefe60756c2aa4c56c890dae3 (diff)
1 files changed, 24 insertions, 0 deletions
diff --git a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
index 4ab989bcbc..f9510d3071 100644
--- a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
@@ -312,6 +312,30 @@ ErrorCode KeyMintAidlTestBase::GenerateKey(const AuthorizationSet& key_desc,
     return GenerateKey(key_desc, attest_key, &key_blob_, &key_characteristics_, &cert_chain_);
 }
 
+ErrorCode KeyMintAidlTestBase::GenerateKeyWithSelfSignedAttestKey(
+        const AuthorizationSet& attest_key_desc, const AuthorizationSet& key_desc,
+        vector<uint8_t>* key_blob, vector<KeyCharacteristics>* key_characteristics,
+        vector<Certificate>* cert_chain) {
+    AttestationKey attest_key;
+    vector<Certificate> attest_cert_chain;
+    vector<KeyCharacteristics> attest_key_characteristics;
+    // Generate a key with self signed attestation.
+    auto error = GenerateKey(attest_key_desc, std::nullopt, &attest_key.keyBlob,
+                             &attest_key_characteristics, &attest_cert_chain);
+    if (error != ErrorCode::OK) {
+        return error;
+    }
+
+    attest_key.issuerSubjectName = make_name_from_str("Android Keystore Key");
+    // Generate a key, by passing the above self signed attestation key as attest key.
+    error = GenerateKey(key_desc, attest_key, key_blob, key_characteristics, cert_chain);
+    if (error == ErrorCode::OK) {
+        // Append the attest_cert_chain to the attested cert_chain to yield a valid cert chain.
+        cert_chain->push_back(attest_cert_chain[0]);
+    }
+    return error;
+}
+
 ErrorCode KeyMintAidlTestBase::ImportKey(const AuthorizationSet& key_desc, KeyFormat format,
                                          const string& key_material, vector<uint8_t>* key_blob,
                                          vector<KeyCharacteristics>* key_characteristics) {
author	subrahmanyaman <subrahmanyaman@google.com>	2022-03-16 01:40:39 +0000
committer	subrahmanyaman <subrahmanyaman@google.com>	2022-03-23 22:27:05 +0000
commit	7d9bc46f6f26586492f368a877b339eee56f7ffb (patch)
tree	b7984c697c455ce4da93c322e987a4caedd9a257 /security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
parent	1b51643add17bd9fefe60756c2aa4c56c890dae3 (diff)