Gitiles
Code Review Sign In
gerrit.omnirom.org / android_hardware_interfaces / 702909f11a513b6ebb298d10c7bbf7ee722993af^1..702909f11a513b6ebb298d10c7bbf7ee722993af / .
commit702909f11a513b6ebb298d10c7bbf7ee722993af[log] [tgz]
authorDavid Drysdale <drysdale@google.com>Wed Jul 05 08:10:33 2023 +0000
committerAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>Wed Jul 05 08:10:33 2023 +0000
tree89d831706b737bcf83bb248017f99fd2524091ca
parent0b219c1073cd7dfba1f95360b28b4b069c83bdf5 [diff]
parente13d20b7466e38b8522791e4917edb7fee2b9693 [diff]
Merge "Fix attestation error checks" am: 82f86a1d4b am: 18283b6ca8 am: 286d2f7ea6 am: e13d20b746

Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2648423

Change-Id: I4267e1f42d843b690fc948cedc8efa3377448cb7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

diff --git a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
index e0e3d98..9f8593c 100644
--- a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp

@@ -2214,30 +2214,26 @@
 
 // Check the error code from an attempt to perform device ID attestation with an invalid value.
 void device_id_attestation_check_acceptable_error(Tag tag, const ErrorCode& result) {
-    // Standard/default error code for ID mismatch.
     if (result == ErrorCode::CANNOT_ATTEST_IDS) {
-        return;
-    }
-
-    // Depending on the situation, other error codes may be acceptable.  First, allow older
-    // implementations to use INVALID_TAG.
-    if (result == ErrorCode::INVALID_TAG) {
+        // Standard/default error code for ID mismatch.
+    } else if (result == ErrorCode::INVALID_TAG) {
+        // Depending on the situation, other error codes may be acceptable.  First, allow older
+        // implementations to use INVALID_TAG.
         ASSERT_FALSE(get_vsr_api_level() > __ANDROID_API_T__)
                 << "It is a specification violation for INVALID_TAG to be returned due to ID "
                 << "mismatch in a Device ID Attestation call. INVALID_TAG is only intended to "
                 << "be used for a case where updateAad() is called after update(). As of "
                 << "VSR-14, this is now enforced as an error.";
-    }
-
-    // If the device is not a phone, it will not have IMEI/MEID values available.  Allow
-    // ATTESTATION_IDS_NOT_PROVISIONED in this case.
-    if (result == ErrorCode::ATTESTATION_IDS_NOT_PROVISIONED) {
+    } else if (result == ErrorCode::ATTESTATION_IDS_NOT_PROVISIONED) {
+        // If the device is not a phone, it will not have IMEI/MEID values available.  Allow
+        // ATTESTATION_IDS_NOT_PROVISIONED in this case.
         ASSERT_TRUE((tag == TAG_ATTESTATION_ID_IMEI || tag == TAG_ATTESTATION_ID_MEID ||
                      tag == TAG_ATTESTATION_ID_SECOND_IMEI))
                 << "incorrect error code on attestation ID mismatch";
+    } else {
+        ADD_FAILURE() << "Error code " << result
+                      << " returned on attestation ID mismatch, should be CANNOT_ATTEST_IDS";
     }
-    ADD_FAILURE() << "Error code " << result
-                  << " returned on attestation ID mismatch, should be CANNOT_ATTEST_IDS";
 }
 
 // Check whether the given named feature is available.