Gitiles
Code Review Sign In
gerrit.omnirom.org / android_hardware_interfaces / 07c7d28a844e14605906c3085bef5912d031561d^! / .
commit07c7d28a844e14605906c3085bef5912d031561d[log] [tgz]
authorSubrahmanya Manikanta Venkateswarlu Bhamidipati Kameswara Sri <subrahmanyaman@google.com>Wed Jul 26 01:10:22 2023 +0000
committerSubrahmanya Manikanta Venkateswarlu Bhamidipati Kameswara Sri <subrahmanyaman@google.com>Tue Aug 08 22:33:37 2023 +0000
tree785b20bb89faefaa440f1a4d4644d06ae2f61877
parentb93626c412e016444bfe6f8dfd12e6d594a0fb60 [diff]
Update the TimeoutAuthenticationMultiSid test

Update TimeoutAuthenticationMultiSid test to support
generateKey for Strongbox implementations without
factory attestation.

Bug: 293211157
Test: run vts -m VtsAidlKeyMintTarget
Change-Id: I27bf08d2fd2d9e0217a90ee8ccb789adfd9d5f7f

diff --git a/security/keymint/aidl/vts/functional/AuthTest.cpp b/security/keymint/aidl/vts/functional/AuthTest.cpp
index 290e8fc..ecaee11 100644
--- a/security/keymint/aidl/vts/functional/AuthTest.cpp
+++ b/security/keymint/aidl/vts/functional/AuthTest.cpp

@@ -453,8 +453,18 @@
     vector<uint8_t> keyblob;
     vector<KeyCharacteristics> key_characteristics;
     vector<Certificate> cert_chain;
-    ASSERT_EQ(ErrorCode::OK,
-              GenerateKey(builder, std::nullopt, &keyblob, &key_characteristics, &cert_chain));
+    auto result = GenerateKey(builder, std::nullopt, &keyblob, &key_characteristics, &cert_chain);
+    if (SecLevel() == SecurityLevel::STRONGBOX) {
+        if (result == ErrorCode::ATTESTATION_KEYS_NOT_PROVISIONED) {
+            result = GenerateKeyWithSelfSignedAttestKey(AuthorizationSetBuilder()
+                                                                .EcdsaKey(EcCurve::P_256)
+                                                                .AttestKey()
+                                                                .SetDefaultValidity(),
+                                                        builder, &keyblob, &key_characteristics,
+                                                        &cert_chain);
+        }
+    }
+    ASSERT_EQ(ErrorCode::OK, result);
 
     // Verify first user to get a HAT that should work.
     const uint64_t challenge = 42;