KeyMint VTS: require curve for ECDSA keys

The KeyMint AIDL spec requires that "Tag::EC_CURVE must be provided to
generate an ECDSA key". Move the VTS tests to always create ECDSA keys
by curve not key size.

Bug: 188672564
Test: VtsAidlKeyMintTargetTest
Change-Id: I33036387c243b21ab0ecd49221b7e7757598913e

1 files changed, 6 insertions, 13 deletions

diff --git a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
index 5a511752b5..5359b3b667 100644
--- a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
@@ -1022,16 +1022,7 @@ vector<uint32_t> KeyMintAidlTestBase::ValidKeySizes(Algorithm algorithm) {
             }
             break;
         case Algorithm::EC:
-            switch (SecLevel()) {
-                case SecurityLevel::SOFTWARE:
-                case SecurityLevel::TRUSTED_ENVIRONMENT:
-                    return {224, 256, 384, 521};
-                case SecurityLevel::STRONGBOX:
-                    return {256};
-                default:
-                    ADD_FAILURE() << "Invalid security level " << uint32_t(SecLevel());
-                    break;
-            }
+            ADD_FAILURE() << "EC keys must be specified by curve not size";
             break;
         case Algorithm::AES:
             return {128, 256};
@@ -1147,9 +1138,11 @@ vector<EcCurve> KeyMintAidlTestBase::ValidCurves() {
 }
 
 vector<EcCurve> KeyMintAidlTestBase::InvalidCurves() {
-    if (SecLevel() == SecurityLevel::TRUSTED_ENVIRONMENT) return {};
-    CHECK(SecLevel() == SecurityLevel::STRONGBOX);
-    return {EcCurve::P_224, EcCurve::P_384, EcCurve::P_521};
+    if (SecLevel() == SecurityLevel::STRONGBOX) {
+        return {EcCurve::P_224, EcCurve::P_384, EcCurve::P_521};
+    } else {
+        return {};
+    }
 }
 
 vector<Digest> KeyMintAidlTestBase::ValidDigests(bool withNone, bool withMD5) {