KeyMint: fix auth test HAT The test case for an auth-per-operation HAT with an invalid HMAC is wrong -- it is re-using the previous HAT, which fails for a different reason (has an old challenge). Fix the test to use the HAT that's wrong in the intended way. Bug: 297333975 Test: VtsAidlKeyMintTargetTest Change-Id: I15fe9b0c1b53452df0f67dd44534fdb80a6c2a9c

commit: 97272d8d5f16d64e98ed4b1e7096e24647f3939f [log] [tgz]
author: David Drysdale <drysdale@google.com> Fri Aug 25 07:27:28 2023 +0100
committer: David Drysdale <drysdale@google.com> Fri Aug 25 07:30:12 2023 +0100
tree: 15bedaae44e94ebdf1d70f1fad5371239ad04cb0
parent: bc2537e41fdd0185ed7ffd6295380f038e15e336 [diff]
diff --git a/security/keymint/aidl/vts/functional/AuthTest.cpp b/security/keymint/aidl/vts/functional/AuthTest.cpp
index ecaee11..d5c6d2a 100644
--- a/security/keymint/aidl/vts/functional/AuthTest.cpp
+++ b/security/keymint/aidl/vts/functional/AuthTest.cpp

@@ -545,7 +545,7 @@
     ASSERT_GT(dodgy_hat->mac.size(), 0);
     dodgy_hat->mac[0] ^= 0x01;
     EXPECT_EQ(ErrorCode::KEY_USER_NOT_AUTHENTICATED,
-              Finish(message, {} /* signature */, &ciphertext, hat.value()));
+              Finish(message, {} /* signature */, &ciphertext, dodgy_hat.value()));
 }
 
 // Test use of a key that requires an auth token for each action on the operation, with
commit	97272d8d5f16d64e98ed4b1e7096e24647f3939f	[log] [tgz]
author	David Drysdale <drysdale@google.com>	Fri Aug 25 07:27:28 2023 +0100
committer	David Drysdale <drysdale@google.com>	Fri Aug 25 07:30:12 2023 +0100
tree	15bedaae44e94ebdf1d70f1fad5371239ad04cb0
parent	bc2537e41fdd0185ed7ffd6295380f038e15e336 [diff]