Gitiles
Code Review Sign In
gerrit.omnirom.org / android_hardware_interfaces / 853507e5549867dcd72e3f20661839e4ddac3b07^1..853507e5549867dcd72e3f20661839e4ddac3b07 / .
commit853507e5549867dcd72e3f20661839e4ddac3b07[log] [tgz]
authorDavid Drysdale <drysdale@google.com>Wed Nov 22 06:32:13 2023 +0000
committerAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>Wed Nov 22 06:32:13 2023 +0000
tree6fe7db1ed665f0d0eee658e96eab93c870807507
parent33da1770e131386649b51585e245860836f910a6 [diff]
parentf4cb6de19c39dcae3d72d944dde884e4e99a4bcf [diff]
Merge "AuthGraph VTS: detect additional errors" into main am: f4cb6de19c

Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2838658

Change-Id: I7c2bc33984ec60f6864461de36cae3ed885640d1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

diff --git a/security/authgraph/aidl/vts/functional/Android.bp b/security/authgraph/aidl/vts/functional/Android.bp
index 0e3480f..28a70e2 100644
--- a/security/authgraph/aidl/vts/functional/Android.bp
+++ b/security/authgraph/aidl/vts/functional/Android.bp

@@ -50,6 +50,7 @@
 rust_test {
     name: "VtsAidlAuthGraphRoleTest",
     srcs: ["role_test.rs"],
+    require_root: true,
     test_suites: [
         "general-tests",
         "vts",

diff --git a/security/authgraph/aidl/vts/functional/role_test.rs b/security/authgraph/aidl/vts/functional/role_test.rs
index 71a2fae..3075d8a 100644
--- a/security/authgraph/aidl/vts/functional/role_test.rs
+++ b/security/authgraph/aidl/vts/functional/role_test.rs

@@ -22,13 +22,18 @@
 use android_hardware_security_authgraph::aidl::android::hardware::security::authgraph::{
     IAuthGraphKeyExchange::IAuthGraphKeyExchange,
 };
+use binder::StatusCode;
 
 const AUTH_GRAPH_NONSECURE: &str =
     "android.hardware.security.authgraph.IAuthGraphKeyExchange/nonsecure";
 
 /// Retrieve the /nonsecure instance of AuthGraph, which supports both sink and source roles.
 fn get_nonsecure() -> Option<binder::Strong<dyn IAuthGraphKeyExchange>> {
-    binder::get_interface(AUTH_GRAPH_NONSECURE).ok()
+    match binder::get_interface(AUTH_GRAPH_NONSECURE) {
+        Ok(ag) => Some(ag),
+        Err(StatusCode::NAME_NOT_FOUND) => None,
+        Err(e) => panic!("failed to get AuthGraph/nonsecure: {e:?}"),
+    }
 }
 
 /// Macro to require availability of a /nonsecure instance of AuthGraph.

diff --git a/security/authgraph/aidl/vts/functional/source.rs b/security/authgraph/aidl/vts/functional/source.rs
index 4178a99..a1e76b3 100644
--- a/security/authgraph/aidl/vts/functional/source.rs
+++ b/security/authgraph/aidl/vts/functional/source.rs

@@ -250,9 +250,13 @@
         &corrupt_key,
     );
 
-    let err = result.expect_err("expect failure with corrupt signature");
-    assert_eq!(
-        err,
-        binder::Status::new_service_specific_error(Error::INVALID_PRIV_KEY_ARC_IN_KEY.0, None)
+    let err = result.expect_err("expect failure with corrupt key");
+    assert!(
+        err == binder::Status::new_service_specific_error(Error::INVALID_KE_KEY.0, None)
+            || err
+                == binder::Status::new_service_specific_error(
+                    Error::INVALID_PRIV_KEY_ARC_IN_KEY.0,
+                    None
+                )
     );
 }