KeyMint: Device IDs attestation based on verion. Updated VTS testcases where Device IDs Attestation expected as optional and made it mandatory if KeyMint version >= 2 or device first shipped with api_level 33. Bug: 221190197 Test: run vts -m VtsAidlKeyMintTargetTest Change-Id: I8870a9301d36abdc4fa6585b9f8d62cc1cfd3d96

commit: 88ad1890367281ce0387b2ab7631e451e1c463fd [log] [tgz]
author: Prashant Patil <patilprashant@google.com> Tue Mar 15 16:31:02 2022 +0000
committer: Prashant Patil <patilprashant@google.com> Fri Mar 25 12:16:11 2022 +0000
tree: d5bc97dfe2b93dca3829b857e0514a93f00472ce
parent: 950b7b802616756666ddae9909686107c6309f62 [diff] [blame]
diff --git a/security/keymint/aidl/vts/functional/KeyMintTest.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
index d8502e4..3b75c50 100644
--- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp

@@ -1986,8 +1986,8 @@
         if (SecLevel() == SecurityLevel::STRONGBOX) {
             if (result == ErrorCode::ATTESTATION_KEYS_NOT_PROVISIONED) return;
         }
-        if (result == ErrorCode::CANNOT_ATTEST_IDS) {
-            // Device ID attestation is optional; KeyMint may not support it at all.
+        if (result == ErrorCode::CANNOT_ATTEST_IDS && !isDeviceIdAttestationRequired()) {
+            // ID attestation was optional till api level 32, from api level 33 it is mandatory.
             continue;
         }
         ASSERT_EQ(result, ErrorCode::OK);
commit	88ad1890367281ce0387b2ab7631e451e1c463fd	[log] [tgz]
author	Prashant Patil <patilprashant@google.com>	Tue Mar 15 16:31:02 2022 +0000
committer	Prashant Patil <patilprashant@google.com>	Fri Mar 25 12:16:11 2022 +0000
tree	d5bc97dfe2b93dca3829b857e0514a93f00472ce
parent	950b7b802616756666ddae9909686107c6309f62 [diff] [blame]