author | David Drysdale <drysdale@google.com> | 2021-11-11 07:35:26 +0000 |
---|---|---|
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2021-11-11 07:35:26 +0000 |
commit | 6a20b8d8c293715b0387845b4314b3bdac97e07c (patch) | |
tree | 6ae33695d915452b59bbb54b8fc46a34c963e680 /security/keymint/aidl/vts/functional/KeyMintTest.cpp | |
parent | 2c6178fff7f3b85c609c07e6b816521cab194348 (diff) | |
parent | 37afdad0c5ecfc79340e3f3dbf672c0eeac7251f (diff) |
Merge "KeyMint VTS: extra unique ID test" am: 7a5b3d062d am: 3a539327e3 am: f103c76afe am: 37afdad0c5
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1877242
Change-Id: I9df56924b404ec4a9aed8ca62d332506929c92ee
Diffstat (limited to 'security/keymint/aidl/vts/functional/KeyMintTest.cpp')
-rw-r--r-- | security/keymint/aidl/vts/functional/KeyMintTest.cpp | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/security/keymint/aidl/vts/functional/KeyMintTest.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
index 670043d0dd..92aa2ac64b 100644
--- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
@@ -1627,13 +1627,13 @@ TEST_P(NewKeyGenerationTest, EcdsaAttestationIdTags) {
 */
 TEST_P(NewKeyGenerationTest, EcdsaAttestationUniqueId) {
 auto get_unique_id = [this](const std::string& app_id, uint64_t datetime,
- vector<uint8_t>* unique_id) {
+ vector<uint8_t>* unique_id, bool reset = false) {
 auto challenge = "hello";
 auto subject = "cert subj 2";
 vector<uint8_t> subject_der(make_name_from_str(subject));
 uint64_t serial_int = 0x1010;
 vector<uint8_t> serial_blob(build_serial_blob(serial_int));
- const AuthorizationSetBuilder builder =
+ AuthorizationSetBuilder builder =
 AuthorizationSetBuilder()
 .Authorization(TAG_NO_AUTH_REQUIRED)
 .Authorization(TAG_INCLUDE_UNIQUE_ID)
@@ -1645,6 +1645,9 @@ TEST_P(NewKeyGenerationTest, EcdsaAttestationUniqueId) {
 .AttestationApplicationId(app_id)
 .Authorization(TAG_CREATION_DATETIME, datetime)
 .SetDefaultValidity();
+ if (reset) {
+ builder.Authorization(TAG_RESET_SINCE_ID_ROTATION);
+ }
 ASSERT_EQ(ErrorCode::OK, GenerateKey(builder));
 ASSERT_GT(key_blob_.size(), 0U);
@@ -1706,6 +1709,11 @@ TEST_P(NewKeyGenerationTest, EcdsaAttestationUniqueId) {
 vector<uint8_t> unique_id8;
 get_unique_id(app_id, min_date - 1, &unique_id8);
 EXPECT_NE(unique_id, unique_id8);
+
+ // Marking RESET_SINCE_ID_ROTATION should give a different unique ID.
+ vector<uint8_t> unique_id9;
+ get_unique_id(app_id, cert_date, &unique_id9, /* reset_id = */ true);
+ EXPECT_NE(unique_id, unique_id9);
 }
 /* |
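Review bot: The new lambda parameter in the first hunk is declared as `bool reset = false`, but the call added in the last hunk labels the argument `/* reset_id = */ true`, so the argument comment names a parameter that does not exist. Use one name in both places, for example `get_unique_id(app_id, cert_date, &unique_id9, /* reset = */ true);`, so the comment can be checked against the signature. The lambda body continues past the end of this hunk.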
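Review bot: In the last hunk, `EXPECT_NE(unique_id, unique_id9)` also passes when `unique_id9` is still empty, so by itself it does not show that the implementation returned a unique ID for the key generated with TAG_RESET_SINCE_ID_ROTATION. The lines of `get_unique_id` that fill the out-parameter are outside this diff, so this is inferred: if an attestation record came back without a unique ID, the vector would presumably stay empty and the inequality would still hold. Adding `EXPECT_EQ(unique_id.size(), unique_id9.size());` before the inequality check would close that gap. Generating a second key with the reset flag and expecting it to equal `unique_id9` would additionally pin that the reset value is derived deterministically. The test body starts before this hunk.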