diff options
| author | Seth Moore <sethmo@google.com> | 2021-07-12 14:18:28 -0700 |
|---|---|---|
| committer | Seth Moore <sethmo@google.com> | 2021-07-12 15:10:40 -0700 |
| commit | 3dbdaa9717149eaf4f4be86443c78a3c1e72ac32 (patch) | |
| tree | 6568d596f42465ea4d69e1d428b19d2915ff7d3c /security/keymint/aidl/vts/functional/KeyMintTest.cpp | |
| parent | 45cb33bf7a67027701a5e8939c0ca571cd4a05ab (diff) | |
Don't fail if TAG_ALLOW_WHILE_ON_BODY is missing
The TAG_ALLOW_WHILE_ON_BODY authorization is not required to be
supported, and if it is not supported it's a noop. Don't expect the tag
to fail with UNSUPPORTED_TAG on devices that don't support it.
Test: VtsAidlKeyMintTargetTest
Bug: 192222727
Change-Id: I2e80ca59151e79f595a65cae94ac966b4ba7020d
Diffstat (limited to 'security/keymint/aidl/vts/functional/KeyMintTest.cpp')
| -rw-r--r-- | security/keymint/aidl/vts/functional/KeyMintTest.cpp | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/security/keymint/aidl/vts/functional/KeyMintTest.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp index d41d270764..5a87b83854 100644 --- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp +++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp @@ -1487,9 +1487,8 @@ TEST_P(NewKeyGenerationTest, EcdsaAttestationTags) { tag.tag == TAG_ROLLBACK_RESISTANCE) { continue; } - if (result == ErrorCode::UNSUPPORTED_TAG && - (tag.tag == TAG_ALLOW_WHILE_ON_BODY || tag.tag == TAG_TRUSTED_USER_PRESENCE_REQUIRED)) { - // Optional tag not supported by this KeyMint implementation. + if (result == ErrorCode::UNSUPPORTED_TAG && tag.tag == TAG_TRUSTED_USER_PRESENCE_REQUIRED) { + // Tag not required to be supported by all KeyMint implementations. continue; } ASSERT_EQ(result, ErrorCode::OK); @@ -1501,9 +1500,8 @@ TEST_P(NewKeyGenerationTest, EcdsaAttestationTags) { AuthorizationSet hw_enforced = HwEnforcedAuthorizations(key_characteristics); AuthorizationSet sw_enforced = SwEnforcedAuthorizations(key_characteristics); - if (tag.tag != TAG_ATTESTATION_APPLICATION_ID) { - // Expect to find most of the extra tags in the key characteristics - // of the generated key (but not for ATTESTATION_APPLICATION_ID). + // Some tags are optional, so don't require them to be in the enforcements. + if (tag.tag != TAG_ATTESTATION_APPLICATION_ID && tag.tag != TAG_ALLOW_WHILE_ON_BODY) { EXPECT_TRUE(hw_enforced.Contains(tag.tag) || sw_enforced.Contains(tag.tag)) << tag << " not in hw:" << hw_enforced << " nor sw:" << sw_enforced; } |