Merge "KeyMint VTS: strict test only for v2+" am: d057fc0cb6 am: 1f0d75f1f8 am: 3056221f7c

Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2033925 Change-Id: I2783a11812212640bbca13a8fd0faadba57e7103
author: David Drysdale <drysdale@google.com> 2022-03-22 10:25:29 +0000
committer: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> 2022-03-22 10:25:29 +0000
commit: 895ae687e6f2e823e5ff78717d8f047a9f7886bf (patch)
tree: dec736d9c164170ee99c2b4c568c396709d65775 /security/keymint/aidl/vts/functional/KeyMintTest.cpp
parent: f371c5eac75391fcfa4ba9d246c0f5faa145a71e (diff)
parent: 3056221f7c9a3ab00afa869cbb981d50db7f5227 (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/security/keymint/aidl/vts/functional/KeyMintTest.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
index 056d83a473..8a24d25918 100644
--- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
@@ -3821,6 +3821,13 @@ TEST_P(ImportKeyTest, RsaPublicExponentMismatch) {
  * Verifies that importing an RSA key pair with purpose ATTEST_KEY+SIGN fails.
  */
 TEST_P(ImportKeyTest, RsaAttestMultiPurposeFail) {
+    if (AidlVersion() < 2) {
+        // The KeyMint v1 spec required that KeyPurpose::ATTEST_KEY not be combined
+        // with other key purposes.  However, this was not checked at the time
+        // so we can only be strict about checking this for implementations of KeyMint
+        // version 2 and above.
+        GTEST_SKIP() << "Single-purpose for KeyPurpose::ATTEST_KEY only strict since KeyMint v2";
+    }
     uint32_t key_size = 2048;
     string key = rsa_2048_key;
 
@@ -3959,6 +3966,13 @@ TEST_P(ImportKeyTest, EcdsaCurveMismatch) {
  * Verifies that importing and using an ECDSA P-256 key pair with purpose ATTEST_KEY+SIGN fails.
  */
 TEST_P(ImportKeyTest, EcdsaAttestMultiPurposeFail) {
+    if (AidlVersion() < 2) {
+        // The KeyMint v1 spec required that KeyPurpose::ATTEST_KEY not be combined
+        // with other key purposes.  However, this was not checked at the time
+        // so we can only be strict about checking this for implementations of KeyMint
+        // version 2 and above.
+        GTEST_SKIP() << "Single-purpose for KeyPurpose::ATTEST_KEY only strict since KeyMint v2";
+    }
     ASSERT_EQ(ErrorCode::INCOMPATIBLE_PURPOSE,
               ImportKey(AuthorizationSetBuilder()
                                 .Authorization(TAG_NO_AUTH_REQUIRED)
author	David Drysdale <drysdale@google.com>	2022-03-22 10:25:29 +0000
committer	Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2022-03-22 10:25:29 +0000
commit	895ae687e6f2e823e5ff78717d8f047a9f7886bf (patch)
tree	dec736d9c164170ee99c2b4c568c396709d65775 /security/keymint/aidl/vts/functional/KeyMintTest.cpp
parent	f371c5eac75391fcfa4ba9d246c0f5faa145a71e (diff)
parent	3056221f7c9a3ab00afa869cbb981d50db7f5227 (diff)