Revise keymint_tags.h
* replace NullOr with std::optional.
* Add mising tag.
* Undefine helper macros so that keymint_tags.h can be used together
with keymaster_tags.h
* Check if KeyParameterValue variant matches KeyParameterTag in
accessors.
Test: VtsAidlKeyMintTargetTest
Change-Id: I6c951071f30fd27c8c21a2e8cc86f421a3bc37d9
diff --git a/security/keymint/aidl/vts/functional/KeyMintTest.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
index 6e38539..3060153 100644
--- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
@@ -80,7 +80,10 @@
template <TagType tag_type, Tag tag, typename ValueT>
bool contains(vector<KeyParameter>& set, TypedTag<tag_type, tag> ttag, ValueT expected_value) {
auto it = std::find_if(set.begin(), set.end(), [&](const KeyParameter& param) {
- return param.tag == tag && accessTagValue(ttag, param) == expected_value;
+ if (auto p = authorizationValue(ttag, param)) {
+ return *p == expected_value;
+ }
+ return false;
});
return (it != set.end());
}
@@ -251,10 +254,10 @@
EXPECT_TRUE(auths.Contains(TAG_OS_VERSION, os_version()))
<< "OS version is " << os_version() << " key reported "
- << auths.GetTagValue(TAG_OS_VERSION);
+ << auths.GetTagValue(TAG_OS_VERSION)->get();
EXPECT_TRUE(auths.Contains(TAG_OS_PATCHLEVEL, os_patch_level()))
<< "OS patch level is " << os_patch_level() << " key reported "
- << auths.GetTagValue(TAG_OS_PATCHLEVEL);
+ << auths.GetTagValue(TAG_OS_PATCHLEVEL)->get();
}
};
@@ -2333,8 +2336,8 @@
vector<uint8_t> CopyIv(const AuthorizationSet& set) {
auto iv = set.GetTagValue(TAG_NONCE);
- EXPECT_TRUE(iv.isOk());
- return iv.value();
+ EXPECT_TRUE(iv);
+ return iv->get();
}
/*
@@ -2459,13 +2462,13 @@
case BlockMode::CBC:
case BlockMode::GCM:
case BlockMode::CTR:
- ASSERT_TRUE(iv.isOk()) << "No IV for block mode " << block_mode;
- EXPECT_EQ(block_mode == BlockMode::GCM ? 12U : 16U, iv.value().size());
- params.push_back(TAG_NONCE, iv.value());
+ ASSERT_TRUE(iv) << "No IV for block mode " << block_mode;
+ EXPECT_EQ(block_mode == BlockMode::GCM ? 12U : 16U, iv->get().size());
+ params.push_back(TAG_NONCE, iv->get());
break;
case BlockMode::ECB:
- EXPECT_FALSE(iv.isOk()) << "ECB mode should not generate IV";
+ EXPECT_FALSE(iv) << "ECB mode should not generate IV";
break;
}
@@ -2649,9 +2652,9 @@
AuthorizationSet out_params;
string ciphertext = EncryptMessage(message, params, &out_params);
EXPECT_EQ(message.size(), ciphertext.size());
- EXPECT_EQ(16U, out_params.GetTagValue(TAG_NONCE).value().size());
+ EXPECT_EQ(16U, out_params.GetTagValue(TAG_NONCE)->get().size());
- params.push_back(TAG_NONCE, out_params.GetTagValue(TAG_NONCE).value());
+ params.push_back(TAG_NONCE, out_params.GetTagValue(TAG_NONCE)->get());
string plaintext = DecryptMessage(ciphertext, params);
EXPECT_EQ(message, plaintext);
@@ -2697,9 +2700,9 @@
AuthorizationSet out_params;
string ciphertext = EncryptMessage(message, params, &out_params);
EXPECT_EQ(message.size(), ciphertext.size());
- EXPECT_EQ(16U, out_params.GetTagValue(TAG_NONCE).value().size());
+ EXPECT_EQ(16U, out_params.GetTagValue(TAG_NONCE)->get().size());
- params.push_back(TAG_NONCE, out_params.GetTagValue(TAG_NONCE).value());
+ params.push_back(TAG_NONCE, out_params.GetTagValue(TAG_NONCE)->get());
string plaintext = DecryptMessage(ciphertext, params);
EXPECT_EQ(message, plaintext);
@@ -2893,7 +2896,7 @@
AuthorizationSet begin_out_params;
EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::ENCRYPT, params, &begin_out_params));
EXPECT_EQ(1U, begin_out_params.size());
- ASSERT_TRUE(begin_out_params.GetTagValue(TAG_NONCE).isOk());
+ ASSERT_TRUE(begin_out_params.GetTagValue(TAG_NONCE));
AuthorizationSet finish_out_params;
string ciphertext;