commit a7a6f70e62f70661e1fa8e8ef79fe0b7f7f864a7
author subrahmanyaman <subrahmanyaman@google.com> Wed Jan 18 18:13:27 2023 +0000
committer subrahmanyaman <subrahmanyaman@google.com> Wed Jan 18 18:13:27 2023 +0000
tree 0433bed8eac1335d79a1cc39e11491aeb6db5495
parent da4d0bcb15cb70c1da04c68cdc3a6e62d031f3d3

Updated the digest to SHA_2_256 in key upgrade tests.

Updated the digest to SHA_2_256 in manaul key upgrade tests
so that these tests works for StrongBox as well.

Test: VtsAidlKeyMintTargetTest
Change-Id: I971f6e13272450d39537cc44c59f8ed8dbd19bf0

security/keymint/aidl/vts/functional/KeyBlobUpgradeTest.cpp

diff --git a/security/keymint/aidl/vts/functional/KeyBlobUpgradeTest.cpp b/security/keymint/aidl/vts/functional/KeyBlobUpgradeTest.cpp
index c952012..b2ae313 100644
--- a/security/keymint/aidl/vts/functional/KeyBlobUpgradeTest.cpp
+++ b/security/keymint/aidl/vts/functional/KeyBlobUpgradeTest.cpp
@@ -291,14 +291,14 @@
                                 .Authorization(TAG_NO_AUTH_REQUIRED)},
             {"hmac-key", AuthorizationSetBuilder()
                                  .HmacKey(128)
-                                 .Digest(Digest::SHA1)
+                                 .Digest(Digest::SHA_2_256)
                                  .Authorization(TAG_MIN_MAC_LENGTH, 128)
                                  .Authorization(TAG_NO_AUTH_REQUIRED)},
             {"rsa-key", AuthorizationSetBuilder()
                                 .RsaEncryptionKey(2048, 65537)
                                 .Authorization(TAG_PURPOSE, KeyPurpose::SIGN)
                                 .Digest(Digest::NONE)
-                                .Digest(Digest::SHA1)
+                                .Digest(Digest::SHA_2_256)
                                 .Padding(PaddingMode::NONE)
                                 .Authorization(TAG_NO_AUTH_REQUIRED)
                                 .SetDefaultValidity()},
@@ -308,7 +308,7 @@
                             .EcdsaSigningKey(EcCurve::P_256)
                             .Authorization(TAG_PURPOSE, KeyPurpose::AGREE_KEY)
                             .Digest(Digest::NONE)
-                            .Digest(Digest::SHA1)
+                            .Digest(Digest::SHA_2_256)
                             .Authorization(TAG_NO_AUTH_REQUIRED)
                             .SetDefaultValidity(),
             },
@@ -465,7 +465,7 @@
                 string plaintext = DecryptMessage(keyblob, ciphertext, builder);
                 EXPECT_EQ(message, plaintext);
             } else if (name.find("hmac-key") != std::string::npos) {
-                builder.Digest(Digest::SHA1);
+                builder.Digest(Digest::SHA_2_256);
                 auto sign_builder = builder;
                 sign_builder.Authorization(TAG_MAC_LENGTH, 128);
                 string tag = SignMessage(keyblob, message, sign_builder);
@@ -475,7 +475,7 @@
                 string signature = SignMessage(keyblob, message, builder);
                 LocalVerifyMessage(cert, message, signature, builder);
             } else if (name.find("p256-key") != std::string::npos) {
-                builder.Digest(Digest::SHA1);
+                builder.Digest(Digest::SHA_2_256);
                 string signature = SignMessage(keyblob, message, builder);
                 LocalVerifyMessage(cert, message, signature, builder);
             } else if (name.find("ed25519-key") != std::string::npos) {