Disable KeyMint -> IRemotelyProvisionedComponent test am: 11860f2984
Original change: https://googleplex-android-review.googlesource.com/c/platform/hardware/interfaces/+/15787697
Change-Id: I4ccd90ddad225c6a0b3db4c39f0eca08c985dcb0
diff --git a/gnss/aidl/vts/gnss_hal_test_cases.cpp b/gnss/aidl/vts/gnss_hal_test_cases.cpp
index 91999f6..0cd782e 100644
--- a/gnss/aidl/vts/gnss_hal_test_cases.cpp
+++ b/gnss/aidl/vts/gnss_hal_test_cases.cpp
@@ -251,7 +251,6 @@
for (const auto& correlationVector : measurement.correlationVectors) {
ASSERT_GE(correlationVector.frequencyOffsetMps, 0);
ASSERT_GT(correlationVector.samplingWidthM, 0);
- ASSERT_GE(correlationVector.samplingStartM, 0);
ASSERT_TRUE(correlationVector.magnitude.size() > 0);
for (const auto& magnitude : correlationVector.magnitude) {
ASSERT_TRUE(magnitude >= -32768 && magnitude <= 32767);
diff --git a/gnss/common/utils/default/Utils.cpp b/gnss/common/utils/default/Utils.cpp
index d136448..23e39b2 100644
--- a/gnss/common/utils/default/Utils.cpp
+++ b/gnss/common/utils/default/Utils.cpp
@@ -221,7 +221,7 @@
aidl::android::hardware::gnss::CorrelationVector correlationVector2 = {
.frequencyOffsetMps = 20,
.samplingWidthM = 30,
- .samplingStartM = 0,
+ .samplingStartM = -10,
.magnitude = {0, 3000, 5000, 3000, 0, 0, 1000, 0}};
measurement.correlationVectors = {correlationVector1, correlationVector2};
measurement.flags |= GnssMeasurement::HAS_CORRELATION_VECTOR;
diff --git a/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp b/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
index 476eed8..93fb19d 100644
--- a/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
+++ b/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
@@ -940,7 +940,11 @@
* UNSUPPORTED_KEY_SIZE.
*/
TEST_P(NewKeyGenerationTest, AesInvalidKeySize) {
+ int32_t firstApiLevel = property_get_int32("ro.board.first_api_level", 0);
for (auto key_size : InvalidKeySizes(Algorithm::AES)) {
+ if (key_size == 192 && SecLevel() == SecurityLevel::STRONGBOX && firstApiLevel < 31) {
+ continue;
+ }
ASSERT_EQ(ErrorCode::UNSUPPORTED_KEY_SIZE,
GenerateKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
diff --git a/media/omx/1.0/vts/functional/store/VtsHalMediaOmxV1_0TargetStoreTest.cpp b/media/omx/1.0/vts/functional/store/VtsHalMediaOmxV1_0TargetStoreTest.cpp
index e73196c..8699de3 100644
--- a/media/omx/1.0/vts/functional/store/VtsHalMediaOmxV1_0TargetStoreTest.cpp
+++ b/media/omx/1.0/vts/functional/store/VtsHalMediaOmxV1_0TargetStoreTest.cpp
@@ -264,11 +264,13 @@
// Make sure role name follows expected format based on type and
// isEncoder
- const std::string role_name(
- ::android::GetComponentRole(role.isEncoder, role.type.c_str()));
- EXPECT_EQ(role_name, role.role) << "Role \"" << role.role << "\" does not match "
- << (role.isEncoder ? "an encoder " : "a decoder ")
- << "for mime type \"" << role.type << ".";
+ const char* role_name = ::android::GetComponentRole(role.isEncoder, role.type.c_str());
+ if (role_name != nullptr) {
+ EXPECT_EQ(std::string(role_name), role.role)
+ << "Role \"" << role.role << "\" does not match "
+ << (role.isEncoder ? "an encoder " : "a decoder ") << "for media type \""
+ << role.type << ".";
+ }
// Check the nodes for this role
std::set<const std::string> nodeKeys;
diff --git a/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl b/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
index 2241735..4e81e71 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
@@ -96,7 +96,8 @@
*
* o AES
*
- * - 128 and 256-bit keys
+ * - TRUSTED_ENVIRONMENT IKeyMintDevices must support 128, 192 and 256-bit keys.
+ * STRONGBOX IKeyMintDevices must only support 128 and 256-bit keys.
* - CBC, CTR, ECB and GCM modes. The GCM mode must not allow the use of tags smaller than 96
* bits or nonce lengths other than 96 bits.
* - CBC and ECB modes must support unpadded and PKCS7 padding modes. With no padding CBC and
diff --git a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
index a312723..26ed344 100644
--- a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
+++ b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
@@ -312,6 +312,7 @@
AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
+ ASSERT_GT(cert_chain_list[i].size(), 0);
EXPECT_TRUE(verify_attestation_record("foo", "bar", sw_enforced, hw_enforced, SecLevel(),
cert_chain_list[i][0].encodedCertificate));
@@ -383,6 +384,7 @@
AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
+ ASSERT_GT(cert_chain_list[i].size(), 0);
EXPECT_TRUE(verify_attestation_record("foo", "bar", sw_enforced, hw_enforced, SecLevel(),
cert_chain_list[i][0].encodedCertificate));
@@ -471,6 +473,7 @@
AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
+ ASSERT_GT(cert_chain_list[i].size(), 0);
EXPECT_TRUE(verify_attestation_record("foo", "bar", sw_enforced, hw_enforced, SecLevel(),
cert_chain_list[i][0].encodedCertificate));
diff --git a/security/keymint/aidl/vts/functional/KeyMintTest.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
index 9797e0e..2a0ee7f 100644
--- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
@@ -1841,12 +1841,13 @@
if (SecLevel() == SecurityLevel::STRONGBOX) return;
auto result = GenerateKey(AuthorizationSetBuilder()
+ .Authorization(TAG_ALGORITHM, Algorithm::EC)
.Authorization(TAG_KEY_SIZE, 224)
.Authorization(TAG_EC_CURVE, EcCurve::P_256)
+ .SigningKey()
.Digest(Digest::NONE)
.SetDefaultValidity());
- ASSERT_TRUE(result == ErrorCode::INVALID_ARGUMENT ||
- result == ErrorCode::UNSUPPORTED_ALGORITHM);
+ ASSERT_TRUE(result == ErrorCode::INVALID_ARGUMENT);
}
/*