KeyMint VTS: allow for stricter SharedSecret impls

Bug: 192223752 Test: VtsAidlSharedSecretTargetTest Merged-Ind: Iccf2d0fe2a2d10ad12269dfecf78ea1d831c3ad4 Change-Id: Iccf2d0fe2a2d10ad12269dfecf78ea1d831c3ad4 Ignore-AOSP-First: already merged in aosp/master
author: David Drysdale <drysdale@google.com> 2021-06-28 13:18:23 +0100
committer: David Drysdale <drysdale@google.com> 2021-06-28 18:02:36 +0100
commit: 62272fc2f5fb8ed60eb42aaa2e7e417a7a4223b6 (patch)
tree: 98de6bf419acfa7fece8f657ea5aa2144b2a5282 /security/sharedsecret/aidl/vts/functional/SharedSecretAidlTest.cpp
parent: 3fd4ec47060c3e55de54bcb6678160fb5bdd01e4 (diff)
1 files changed, 20 insertions, 8 deletions
diff --git a/security/sharedsecret/aidl/vts/functional/SharedSecretAidlTest.cpp b/security/sharedsecret/aidl/vts/functional/SharedSecretAidlTest.cpp
index 919f882631..51938baa82 100644
--- a/security/sharedsecret/aidl/vts/functional/SharedSecretAidlTest.cpp
+++ b/security/sharedsecret/aidl/vts/functional/SharedSecretAidlTest.cpp
@@ -268,10 +268,16 @@ TEST_F(SharedSecretAidlTest, ComputeSharedSecretShortNonce) {
                     << "Shared secret service that provided tweaked param should fail to compute "
                        "shared secret";
         } else {
-            EXPECT_EQ(ErrorCode::OK, responses[i].error) << "Others should succeed";
-            EXPECT_NE(correct_response, responses[i].sharing_check)
-                    << "Others should calculate a different shared secret, due to the tweaked "
-                       "nonce.";
+            // Other services *may* succeed, or may notice the invalid size for the nonce.
+            // However, if another service completes the computation, it should get the 'wrong'
+            // answer.
+            if (responses[i].error == ErrorCode::OK) {
+                EXPECT_NE(correct_response, responses[i].sharing_check)
+                        << "Others should calculate a different shared secret, due to the tweaked "
+                           "nonce.";
+            } else {
+                EXPECT_EQ(ErrorCode::INVALID_ARGUMENT, responses[i].error);
+            }
         }
     }
 }
@@ -348,10 +354,16 @@ TEST_F(SharedSecretAidlTest, ComputeSharedSecretShortSeed) {
                     << "Shared secret service that provided tweaked param should fail to compute "
                        "shared secret";
         } else {
-            EXPECT_EQ(ErrorCode::OK, responses[i].error) << "Others should succeed";
-            EXPECT_NE(correct_response, responses[i].sharing_check)
-                    << "Others should calculate a different shared secret, due to the tweaked "
-                       "nonce.";
+            // Other services *may* succeed, or may notice the invalid size for the seed.
+            // However, if another service completes the computation, it should get the 'wrong'
+            // answer.
+            if (responses[i].error == ErrorCode::OK) {
+                EXPECT_NE(correct_response, responses[i].sharing_check)
+                        << "Others should calculate a different shared secret, due to the tweaked "
+                           "seed.";
+            } else {
+                EXPECT_EQ(ErrorCode::INVALID_ARGUMENT, responses[i].error);
+            }
         }
     }
 }
author	David Drysdale <drysdale@google.com>	2021-06-28 13:18:23 +0100
committer	David Drysdale <drysdale@google.com>	2021-06-28 18:02:36 +0100
commit	62272fc2f5fb8ed60eb42aaa2e7e417a7a4223b6 (patch)
tree	98de6bf419acfa7fece8f657ea5aa2144b2a5282 /security/sharedsecret/aidl/vts/functional/SharedSecretAidlTest.cpp
parent	3fd4ec47060c3e55de54bcb6678160fb5bdd01e4 (diff)