Disable KeyMint -> IRemotelyProvisionedComponent test am: 11860f2984

Original change: https://googleplex-android-review.googlesource.com/c/platform/hardware/interfaces/+/15787697

Change-Id: I4ccd90ddad225c6a0b3db4c39f0eca08c985dcb0
diff --git a/gnss/aidl/vts/gnss_hal_test_cases.cpp b/gnss/aidl/vts/gnss_hal_test_cases.cpp
index 91999f6..0cd782e 100644
--- a/gnss/aidl/vts/gnss_hal_test_cases.cpp
+++ b/gnss/aidl/vts/gnss_hal_test_cases.cpp
@@ -251,7 +251,6 @@
                 for (const auto& correlationVector : measurement.correlationVectors) {
                     ASSERT_GE(correlationVector.frequencyOffsetMps, 0);
                     ASSERT_GT(correlationVector.samplingWidthM, 0);
-                    ASSERT_GE(correlationVector.samplingStartM, 0);
                     ASSERT_TRUE(correlationVector.magnitude.size() > 0);
                     for (const auto& magnitude : correlationVector.magnitude) {
                         ASSERT_TRUE(magnitude >= -32768 && magnitude <= 32767);
diff --git a/gnss/common/utils/default/Utils.cpp b/gnss/common/utils/default/Utils.cpp
index d136448..23e39b2 100644
--- a/gnss/common/utils/default/Utils.cpp
+++ b/gnss/common/utils/default/Utils.cpp
@@ -221,7 +221,7 @@
         aidl::android::hardware::gnss::CorrelationVector correlationVector2 = {
                 .frequencyOffsetMps = 20,
                 .samplingWidthM = 30,
-                .samplingStartM = 0,
+                .samplingStartM = -10,
                 .magnitude = {0, 3000, 5000, 3000, 0, 0, 1000, 0}};
         measurement.correlationVectors = {correlationVector1, correlationVector2};
         measurement.flags |= GnssMeasurement::HAS_CORRELATION_VECTOR;
diff --git a/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp b/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
index 476eed8..93fb19d 100644
--- a/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
+++ b/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
@@ -940,7 +940,11 @@
  * UNSUPPORTED_KEY_SIZE.
  */
 TEST_P(NewKeyGenerationTest, AesInvalidKeySize) {
+    int32_t firstApiLevel = property_get_int32("ro.board.first_api_level", 0);
     for (auto key_size : InvalidKeySizes(Algorithm::AES)) {
+        if (key_size == 192 && SecLevel() == SecurityLevel::STRONGBOX && firstApiLevel < 31) {
+            continue;
+        }
         ASSERT_EQ(ErrorCode::UNSUPPORTED_KEY_SIZE,
                   GenerateKey(AuthorizationSetBuilder()
                                       .Authorization(TAG_NO_AUTH_REQUIRED)
diff --git a/media/omx/1.0/vts/functional/store/VtsHalMediaOmxV1_0TargetStoreTest.cpp b/media/omx/1.0/vts/functional/store/VtsHalMediaOmxV1_0TargetStoreTest.cpp
index e73196c..8699de3 100644
--- a/media/omx/1.0/vts/functional/store/VtsHalMediaOmxV1_0TargetStoreTest.cpp
+++ b/media/omx/1.0/vts/functional/store/VtsHalMediaOmxV1_0TargetStoreTest.cpp
@@ -264,11 +264,13 @@
 
         // Make sure role name follows expected format based on type and
         // isEncoder
-        const std::string role_name(
-                ::android::GetComponentRole(role.isEncoder, role.type.c_str()));
-        EXPECT_EQ(role_name, role.role) << "Role \"" << role.role << "\" does not match "
-                                        << (role.isEncoder ? "an encoder " : "a decoder ")
-                                        << "for mime type \"" << role.type << ".";
+        const char* role_name = ::android::GetComponentRole(role.isEncoder, role.type.c_str());
+        if (role_name != nullptr) {
+            EXPECT_EQ(std::string(role_name), role.role)
+                    << "Role \"" << role.role << "\" does not match "
+                    << (role.isEncoder ? "an encoder " : "a decoder ") << "for media type \""
+                    << role.type << ".";
+        }
 
         // Check the nodes for this role
         std::set<const std::string> nodeKeys;
diff --git a/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl b/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
index 2241735..4e81e71 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
@@ -96,7 +96,8 @@
  *
  * o   AES
  *
- *      - 128 and 256-bit keys
+ *      - TRUSTED_ENVIRONMENT IKeyMintDevices must support 128, 192 and 256-bit keys.
+ *        STRONGBOX IKeyMintDevices must only support 128 and 256-bit keys.
  *      - CBC, CTR, ECB and GCM modes.  The GCM mode must not allow the use of tags smaller than 96
  *        bits or nonce lengths other than 96 bits.
  *      - CBC and ECB modes must support unpadded and PKCS7 padding modes.  With no padding CBC and
diff --git a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
index a312723..26ed344 100644
--- a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
+++ b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
@@ -312,6 +312,7 @@
 
         AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
         AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
+        ASSERT_GT(cert_chain_list[i].size(), 0);
         EXPECT_TRUE(verify_attestation_record("foo", "bar", sw_enforced, hw_enforced, SecLevel(),
                                               cert_chain_list[i][0].encodedCertificate));
 
@@ -383,6 +384,7 @@
 
         AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
         AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
+        ASSERT_GT(cert_chain_list[i].size(), 0);
         EXPECT_TRUE(verify_attestation_record("foo", "bar", sw_enforced, hw_enforced, SecLevel(),
                                               cert_chain_list[i][0].encodedCertificate));
 
@@ -471,6 +473,7 @@
 
         AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
         AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
+        ASSERT_GT(cert_chain_list[i].size(), 0);
         EXPECT_TRUE(verify_attestation_record("foo", "bar", sw_enforced, hw_enforced, SecLevel(),
                                               cert_chain_list[i][0].encodedCertificate));
 
diff --git a/security/keymint/aidl/vts/functional/KeyMintTest.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
index 9797e0e..2a0ee7f 100644
--- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
@@ -1841,12 +1841,13 @@
     if (SecLevel() == SecurityLevel::STRONGBOX) return;
 
     auto result = GenerateKey(AuthorizationSetBuilder()
+                                      .Authorization(TAG_ALGORITHM, Algorithm::EC)
                                       .Authorization(TAG_KEY_SIZE, 224)
                                       .Authorization(TAG_EC_CURVE, EcCurve::P_256)
+                                      .SigningKey()
                                       .Digest(Digest::NONE)
                                       .SetDefaultValidity());
-    ASSERT_TRUE(result == ErrorCode::INVALID_ARGUMENT ||
-                result == ErrorCode::UNSUPPORTED_ALGORITHM);
+    ASSERT_TRUE(result == ErrorCode::INVALID_ARGUMENT);
 }
 
 /*