commit d847ef9f039b7ac5022471097666150c2f818577
author David Drysdale <drysdale@google.com> Fri Oct 13 08:06:40 2023 +0100
committer David Drysdale <drysdale@google.com> Mon Nov 20 11:41:31 2023 +0000
tree a7293af697ac22c5e86707646ff367c52cd25855
parent 69efe8e7539aae345a18b907b7e4afb6c5868dba

KeyMint: check length of verified boot key

Only police for future versions of KeyMint, so that any existing
implementations that use the full key don't suddenly start to fail
VTS.

Bug: 305103215
Test: VtsAidlKeyMintTargetTest
Change-Id: If6534b84b6eff8cdb281586e17a5f89c7bf5f5d0

security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp

diff --git a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
index 822770d..d3f6ae3 100644
--- a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
@@ -1792,6 +1792,12 @@
     std::string empty_boot_key(32, '\0');
     std::string verified_boot_key_str((const char*)verified_boot_key.data(),
                                       verified_boot_key.size());
+    if (get_vsr_api_level() >= __ANDROID_API_V__) {
+        // The attestation should contain the SHA-256 hash of the verified boot
+        // key.  However, this was not checked for earlier versions of the KeyMint
+        // HAL so only be strict for VSR-V and above.
+        EXPECT_LE(verified_boot_key.size(), 32);
+    }
     EXPECT_NE(property_get("ro.boot.verifiedbootstate", property_value, ""), 0);
     if (!strcmp(property_value, "green")) {
         EXPECT_EQ(verified_boot_state, VerifiedBoot::VERIFIED);