KeyMint: use a smaller invalid IMEI value The invalid value used for the second IMEI attestation test is potentially wrong in two ways: - It doesn't match the provisioned value. - It's not a valid IMEI, not least because it is longer than 16 bytes. Make the test value shorter so the second failure doesn't apply and the test can reliably expect CANNOT_ATTEST_IDS. Bug: 292959871 Bug: 327123694 Test: VtsAidlKeyMintTargetTest Change-Id: If8c6b9e08b48e6caf5c767578e1ac43964214619 (cherry picked from commit 0215cb3d3ef4e5421a1f4c414b7a20b83edf2576)

commit: 8351f33b2b5a4be356605251e2ea26c3c03d946f [log] [tgz]
author: David Drysdale <drysdale@google.com> Mon Aug 07 11:53:46 2023 +0100
committer: Yinchu Chen <chenyc5@motorola.com> Tue Feb 27 10:13:15 2024 +0000
tree: bb52bceb903ce7c8d83ca76c13299515b27b1703
parent: 653221fa8e3adb28920f745732c7e5a61fdabb95 [diff]
diff --git a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
index 6d289ec..4ae0383 100644
--- a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
+++ b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp

@@ -939,7 +939,9 @@
                     .Authorization(TAG_ATTESTATION_ID_MODEL, "malicious-model");
 
     if (isSecondImeiIdAttestationRequired()) {
-        attestation_id_tags.Authorization(TAG_ATTESTATION_ID_SECOND_IMEI, "invalid-second-imei");
+        // Note: the invalid value here is < 16 bytes long to avoid triggering any implementation
+        // checks on valid IMEI lengths.
+        attestation_id_tags.Authorization(TAG_ATTESTATION_ID_SECOND_IMEI, "invalid-imei2");
     }
     vector<uint8_t> key_blob;
     vector<KeyCharacteristics> key_characteristics;
commit	8351f33b2b5a4be356605251e2ea26c3c03d946f	[log] [tgz]
author	David Drysdale <drysdale@google.com>	Mon Aug 07 11:53:46 2023 +0100
committer	Yinchu Chen <chenyc5@motorola.com>	Tue Feb 27 10:13:15 2024 +0000
tree	bb52bceb903ce7c8d83ca76c13299515b27b1703
parent	653221fa8e3adb28920f745732c7e5a61fdabb95 [diff]