Test for patchlevels and too much entropy Add tests for: - Too much entropy should be rejected with INVALID_INPUT_LENGTH - All authorization lists should include a vendor and boot patchlevel. These requirements are in both the KeyMint and the KeyMaster 4.0 AIDL specificications, but have never been policed before. Currently disabled with a command-line flag because CF does not have the patchlevels and so fails lots of tests. Test: VtsKeyMintAidlTargetTest Change-Id: Ic9622ef3f1b80e013a34059218e3e029f392eb72

commit: bb3d85eaa4c8564ea864df2dd5abea8c585e0408 [log] [tgz]
author: David Drysdale <drysdale@google.com> Tue Apr 13 11:15:51 2021 +0100
committer: David Drysdale <drysdale@google.com> Fri Apr 30 14:50:14 2021 +0100
tree: 3ed50481d64bedf3a83fc7ae461a0fd9868a1b8b
parent: 7de9febd174214cfb9ac65ada12c2ceb988cd19d [diff] [blame]
diff --git a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h
index 95f0c19..88998d5 100644
--- a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h
+++ b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h

@@ -71,6 +71,7 @@
     IKeyMintDevice& keyMint() { return *keymint_; }
     uint32_t os_version() { return os_version_; }
     uint32_t os_patch_level() { return os_patch_level_; }
+    uint32_t vendor_patch_level() { return vendor_patch_level_; }
 
     ErrorCode GetReturnErrorCode(const Status& result);
 
@@ -266,6 +267,7 @@
     std::shared_ptr<IKeyMintDevice> keymint_;
     uint32_t os_version_;
     uint32_t os_patch_level_;
+    uint32_t vendor_patch_level_;
 
     SecurityLevel securityLevel_;
     string name_;
commit	bb3d85eaa4c8564ea864df2dd5abea8c585e0408	[log] [tgz]
author	David Drysdale <drysdale@google.com>	Tue Apr 13 11:15:51 2021 +0100
committer	David Drysdale <drysdale@google.com>	Fri Apr 30 14:50:14 2021 +0100
tree	3ed50481d64bedf3a83fc7ae461a0fd9868a1b8b
parent	7de9febd174214cfb9ac65ada12c2ceb988cd19d [diff] [blame]