Correct comment about Verified Boot key on devices with custom root of trust. Updating the comment to match the test expectation. The attested Verified Boot key should contain the user-set root of trust if the Verified Boot state is "SelfSigned" (i.e. "yellow"). Bug: 376832222 Test: n/a (comment update) Change-Id: Ie3c43157f05e40fa42b107768af561644ff5d30f

commit: a5439fd7a559e49976b6315366c7ad25023bfba4 [log] [tgz]
author: Catherine Vlasov <cvlasov@google.com> Fri Nov 15 14:38:40 2024 +0000
committer: Catherine Vlasov <cvlasov@google.com> Fri Nov 15 15:18:49 2024 +0000
tree: 151d3e79eae8f2cf03a42b986491645603a5bd37
parent: b9c1291dfb250b7620cf02185182b14d0c470315 [diff]
diff --git a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
index cfe9fa7..24e796f 100644
--- a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp

@@ -1812,7 +1812,7 @@
         }
     }
 
-    // Verified boot key should be all 0's if the boot state is not verified or self signed
+    // Verified Boot key should be all zeroes if the boot state is "orange".
     std::string empty_boot_key(32, '\0');
     std::string verified_boot_key_str((const char*)verified_boot_key.data(),
                                       verified_boot_key.size());
commit	a5439fd7a559e49976b6315366c7ad25023bfba4	[log] [tgz]
author	Catherine Vlasov <cvlasov@google.com>	Fri Nov 15 14:38:40 2024 +0000
committer	Catherine Vlasov <cvlasov@google.com>	Fri Nov 15 15:18:49 2024 +0000
tree	151d3e79eae8f2cf03a42b986491645603a5bd37
parent	b9c1291dfb250b7620cf02185182b14d0c470315 [diff]