KeyMint VTS: re-order auth failure arms
Allow for devices that claim to need external timestamps, but don't.
Test: VtsAidlKeyMintTargetTest
Bug: 300211206
(cherry picked from https://android-review.googlesource.com/q/commit:a35699cb5cfef3773afebf51c2dd38530db43bf0)
Merged-In: Ie450d9969c337d5274502f3600e14c0b481e8b34
Change-Id: Ie450d9969c337d5274502f3600e14c0b481e8b34
diff --git a/security/keymint/aidl/vts/functional/AuthTest.cpp b/security/keymint/aidl/vts/functional/AuthTest.cpp
index 78c88f4..6499f14 100644
--- a/security/keymint/aidl/vts/functional/AuthTest.cpp
+++ b/security/keymint/aidl/vts/functional/AuthTest.cpp
@@ -329,14 +329,14 @@
// Wait for long enough that the hardware auth token expires.
sleep(timeout_secs + 1);
- if (!timestamp_token_required_) {
- // KeyMint implementation has its own clock, and can immediately detect timeout.
- EXPECT_EQ(ErrorCode::KEY_USER_NOT_AUTHENTICATED,
- Begin(KeyPurpose::ENCRYPT, keyblob, params, &out_params, hat));
- } else {
- // KeyMint implementation has no clock, so only detects timeout via timestamp token provided
- // on update()/finish().
- ASSERT_EQ(ErrorCode::OK, Begin(KeyPurpose::ENCRYPT, keyblob, params, &out_params, hat));
+
+ auto begin_result = Begin(KeyPurpose::ENCRYPT, keyblob, params, &out_params, hat);
+ if (begin_result == ErrorCode::OK) {
+ // If begin() succeeds despite the out-of-date HAT, that must mean that the KeyMint
+ // device doesn't have its own clock. In that case, it only detects timeout via a
+ // timestamp token provided on update()/finish()
+ ASSERT_TRUE(timestamp_token_required_);
+
secureclock::TimeStampToken time_token;
EXPECT_EQ(ErrorCode::OK,
GetReturnErrorCode(clock_->generateTimeStamp(challenge_, &time_token)));
@@ -344,6 +344,9 @@
string output;
EXPECT_EQ(ErrorCode::KEY_USER_NOT_AUTHENTICATED,
Finish(message, {} /* signature */, &output, hat, time_token));
+ } else {
+ // The KeyMint implementation may have its own clock that can immediately detect timeout.
+ ASSERT_EQ(ErrorCode::KEY_USER_NOT_AUTHENTICATED, begin_result);
}
}