Merge "Effect: benchmark the effect process" into tm-dev
diff --git a/audio/core/all-versions/vts/functional/7.0/AudioPrimaryHidlHalTest.cpp b/audio/core/all-versions/vts/functional/7.0/AudioPrimaryHidlHalTest.cpp
index f25c391..dfc2386 100644
--- a/audio/core/all-versions/vts/functional/7.0/AudioPrimaryHidlHalTest.cpp
+++ b/audio/core/all-versions/vts/functional/7.0/AudioPrimaryHidlHalTest.cpp
@@ -715,7 +715,7 @@
sink.base.channelMask.value(getConfig().base.channelMask);
sink.ext.mix({});
sink.ext.mix().ioHandle = helper.getIoHandle();
- sink.ext.mix().useCase.source(toString(xsd::AudioSource::AUDIO_SOURCE_MIC));
+ sink.ext.mix().useCase.source(initMetadata.tracks[0].source);
EXPECT_OK(getDevice()->createAudioPatch(hidl_vec<AudioPortConfig>{source},
hidl_vec<AudioPortConfig>{sink},
returnIn(res, mPatchHandle)));
diff --git a/audio/core/all-versions/vts/functional/AudioPrimaryHidlHalTest.h b/audio/core/all-versions/vts/functional/AudioPrimaryHidlHalTest.h
index 38d6eff..38e9e5f 100644
--- a/audio/core/all-versions/vts/functional/AudioPrimaryHidlHalTest.h
+++ b/audio/core/all-versions/vts/functional/AudioPrimaryHidlHalTest.h
@@ -1239,23 +1239,30 @@
: public OpenStreamTest<::android::hardware::audio::CORE_TYPES_CPP_VERSION::IStreamIn> {
void SetUp() override {
ASSERT_NO_FATAL_FAILURE(OpenStreamTest::SetUp()); // setup base
+ auto flags = getInputFlags();
#if MAJOR_VERSION <= 6
address.device = AudioDevice::IN_DEFAULT;
#elif MAJOR_VERSION >= 7
auto maybeSourceAddress = getCachedPolicyConfig().getSourceDeviceForMixPort(
getDeviceName(), getMixPortName());
+ auto& metadata = initMetadata.tracks[0];
if (maybeSourceAddress.has_value() &&
!xsd::isTelephonyDevice(maybeSourceAddress.value().deviceType)) {
address = maybeSourceAddress.value();
- auto& metadata = initMetadata.tracks[0];
metadata.source = toString(xsd::AudioSource::AUDIO_SOURCE_UNPROCESSED);
metadata.channelMask = getConfig().base.channelMask;
} else {
address.deviceType = toString(xsd::AudioDevice::AUDIO_DEVICE_IN_DEFAULT);
}
-#endif
+#if MAJOR_VERSION == 7 && MINOR_VERSION >= 1
+ auto flagsIt = std::find(flags.begin(), flags.end(),
+ toString(xsd::AudioInOutFlag::AUDIO_INPUT_FLAG_ULTRASOUND));
+ if (flagsIt != flags.end()) {
+ metadata.source = toString(xsd::AudioSource::AUDIO_SOURCE_ULTRASOUND);
+ }
+#endif // 7.1
+#endif // MAJOR_VERSION >= 7
const AudioConfig& config = getConfig();
- auto flags = getInputFlags();
testOpen(
[&](AudioIoHandle handle, AudioConfig config, auto cb) {
return getDevice()->openInputStream(handle, address, config, flags,
diff --git a/automotive/evs/1.1/vts/functional/VtsHalEvsV1_1TargetTest.cpp b/automotive/evs/1.1/vts/functional/VtsHalEvsV1_1TargetTest.cpp
index 84323ea..623438f 100644
--- a/automotive/evs/1.1/vts/functional/VtsHalEvsV1_1TargetTest.cpp
+++ b/automotive/evs/1.1/vts/functional/VtsHalEvsV1_1TargetTest.cpp
@@ -563,7 +563,8 @@
activeCameras.push_back(pCam);
// Ask for a very large number of buffers in flight to ensure it errors correctly
- Return<EvsResult> badResult = pCam->setMaxFramesInFlight(0xFFFFFFFF);
+ Return<EvsResult> badResult =
+ pCam->setMaxFramesInFlight(std::numeric_limits<int32_t>::max());
EXPECT_EQ(EvsResult::BUFFER_NOT_AVAILABLE, badResult);
// Now ask for exactly two buffers in flight as we'll test behavior in that case
diff --git a/automotive/evs/aidl/vts/VtsHalEvsTargetTest.cpp b/automotive/evs/aidl/vts/VtsHalEvsTargetTest.cpp
index a442368..09e1088 100644
--- a/automotive/evs/aidl/vts/VtsHalEvsTargetTest.cpp
+++ b/automotive/evs/aidl/vts/VtsHalEvsTargetTest.cpp
@@ -526,7 +526,7 @@
mActiveCameras.push_back(pCam);
// Ask for a very large number of buffers in flight to ensure it errors correctly
- auto badResult = pCam->setMaxFramesInFlight(0xFFFFFFFF);
+ auto badResult = pCam->setMaxFramesInFlight(std::numeric_limits<int32_t>::max());
EXPECT_TRUE(!badResult.isOk() && badResult.getServiceSpecificError() ==
static_cast<int>(EvsResult::INVALID_ARG));
diff --git a/bluetooth/audio/utils/aidl_session/BluetoothAudioCodecs.cpp b/bluetooth/audio/utils/aidl_session/BluetoothAudioCodecs.cpp
index fc54c70..f3ca279 100644
--- a/bluetooth/audio/utils/aidl_session/BluetoothAudioCodecs.cpp
+++ b/bluetooth/audio/utils/aidl_session/BluetoothAudioCodecs.cpp
@@ -115,6 +115,20 @@
.octetsPerFrame = {40}};
// Default Supported Codecs
+// LC3 24_2: sample rate: 24 kHz, frame duration: 10 ms, octets per frame: 60
+static const Lc3Capabilities kLc3Capability_24_2 = {
+ .samplingFrequencyHz = {24000},
+ .frameDurationUs = {10000},
+ .octetsPerFrame = {60}};
+
+// Default Supported Codecs
+// LC3 32_2: sample rate: 32 kHz, frame duration: 10 ms, octets per frame: 80
+static const Lc3Capabilities kLc3Capability_32_2 = {
+ .samplingFrequencyHz = {32000},
+ .frameDurationUs = {10000},
+ .octetsPerFrame = {80}};
+
+// Default Supported Codecs
// LC3 48_4: sample rate: 48 kHz, frame duration: 10 ms, octets per frame: 120
static const Lc3Capabilities kLc3Capability_48_4 = {
.samplingFrequencyHz = {48000},
@@ -122,7 +136,8 @@
.octetsPerFrame = {120}};
static const std::vector<Lc3Capabilities> supportedLc3CapabilityList = {
- kLc3Capability_48_4, kLc3Capability_16_2, kLc3Capability_16_1};
+ kLc3Capability_48_4, kLc3Capability_32_2, kLc3Capability_24_2,
+ kLc3Capability_16_2, kLc3Capability_16_1};
static AudioLocation stereoAudio = static_cast<AudioLocation>(
static_cast<uint8_t>(AudioLocation::FRONT_LEFT) |
diff --git a/camera/metadata/aidl/android/hardware/camera/metadata/CameraMetadataTag.aidl b/camera/metadata/aidl/android/hardware/camera/metadata/CameraMetadataTag.aidl
index 692421a..48b1ee4 100644
--- a/camera/metadata/aidl/android/hardware/camera/metadata/CameraMetadataTag.aidl
+++ b/camera/metadata/aidl/android/hardware/camera/metadata/CameraMetadataTag.aidl
@@ -543,7 +543,7 @@
* android.flash.info.strengthDefaultLevel [static, int32, public]
*
* <p>Default flashlight brightness level to be set via
- * {android.hardware.camera2.CameraManager#turnOnTorchWithStrengthLevel}.</p>
+ * <a href="https://developer.android.com/reference/android/hardware/camera2/CameraManager.html#turnOnTorchWithStrengthLevel">CameraManager#turnOnTorchWithStrengthLevel</a>.</p>
*/
ANDROID_FLASH_INFO_STRENGTH_DEFAULT_LEVEL,
/**
diff --git a/neuralnetworks/utils/adapter/aidl/src/Device.cpp b/neuralnetworks/utils/adapter/aidl/src/Device.cpp
index 1b90a1a..453ec9b 100644
--- a/neuralnetworks/utils/adapter/aidl/src/Device.cpp
+++ b/neuralnetworks/utils/adapter/aidl/src/Device.cpp
@@ -135,16 +135,26 @@
return ndk::SharedRefBase::make<PreparedModel>(std::move(preparedModel));
}
+void notify(IPreparedModelCallback* callback, ErrorStatus status,
+ const std::shared_ptr<IPreparedModel>& preparedModel) {
+ if (callback != nullptr) {
+ const auto ret = callback->notify(status, preparedModel);
+ if (!ret.isOk()) {
+ LOG(ERROR) << "IPreparedModelCallback::notify failed with " << ret.getDescription();
+ }
+ }
+}
+
void notify(IPreparedModelCallback* callback, PrepareModelResult result) {
if (!result.has_value()) {
const auto& [message, status] = result.error();
LOG(ERROR) << message;
const auto aidlCode = utils::convert(status).value_or(ErrorStatus::GENERAL_FAILURE);
- callback->notify(aidlCode, nullptr);
+ notify(callback, aidlCode, nullptr);
} else {
auto preparedModel = std::move(result).value();
auto aidlPreparedModel = adaptPreparedModel(std::move(preparedModel));
- callback->notify(ErrorStatus::NONE, std::move(aidlPreparedModel));
+ notify(callback, ErrorStatus::NONE, std::move(aidlPreparedModel));
}
}
@@ -284,7 +294,7 @@
if (!result.has_value()) {
const auto& [message, code] = result.error();
const auto aidlCode = utils::convert(code).value_or(ErrorStatus::GENERAL_FAILURE);
- callback->notify(aidlCode, nullptr);
+ notify(callback.get(), aidlCode, nullptr);
return ndk::ScopedAStatus::fromServiceSpecificErrorWithMessage(
static_cast<int32_t>(aidlCode), message.c_str());
}
@@ -300,7 +310,7 @@
if (!result.has_value()) {
const auto& [message, code] = result.error();
const auto aidlCode = utils::convert(code).value_or(ErrorStatus::GENERAL_FAILURE);
- callback->notify(aidlCode, nullptr);
+ notify(callback.get(), aidlCode, nullptr);
return ndk::ScopedAStatus::fromServiceSpecificErrorWithMessage(
static_cast<int32_t>(aidlCode), message.c_str());
}
@@ -317,7 +327,7 @@
if (!result.has_value()) {
const auto& [message, code] = result.error();
const auto aidlCode = utils::convert(code).value_or(ErrorStatus::GENERAL_FAILURE);
- callback->notify(aidlCode, nullptr);
+ notify(callback.get(), aidlCode, nullptr);
return ndk::ScopedAStatus::fromServiceSpecificErrorWithMessage(
static_cast<int32_t>(aidlCode), message.c_str());
}
diff --git a/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl b/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl
index cfbf171..8b3875b 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl
@@ -18,13 +18,20 @@
/**
* ProtectedData contains the encrypted BCC and the ephemeral MAC key used to
- * authenticate the keysToSign (see keysToSignMac output argument).
+ * authenticate the keysToSign (see keysToSignMac output argument of
+ * IRemotelyProvisionedComponent.generateCertificateRequest).
* @hide
*/
@VintfStability
parcelable ProtectedData {
/**
- * ProtectedData is a COSE_Encrypt structure, specified by the following CDDL
+ * ProtectedData is a COSE_Encrypt structure, encrypted with an AES key that is agreed upon
+ * using Elliptic-curve Diffie-Hellman. The contents of the structure are specified by the
+ * following CDDL [RFC8610].
+ *
+ * Notes:
+ * - None of the CBOR in ProtectedData uses CBOR tags. If an implementation includes
+ * tags, parsers may reject the data.
*
* ProtectedData = [ // COSE_Encrypt
* protected: bstr .cbor {
@@ -34,13 +41,18 @@
* 5 : bstr .size 12 // IV
* },
* ciphertext: bstr, // AES-GCM-256(K, .cbor ProtectedDataPayload)
+ * // Where the encryption key 'K' is derived as follows:
+ * // ikm = ECDH(EEK_pub, Ephemeral_priv)
+ * // salt = null
+ * // info = .cbor Context (see below)
+ * // K = HKDF-SHA-256(ikm, salt, info)
* recipients : [
* [ // COSE_Recipient
* protected : bstr .cbor {
* 1 : -25 // Algorithm : ECDH-ES + HKDF-256
* },
* unprotected : {
- * -1 : PubKeyX25519 / PubKeyEcdhP256 // Of the sender
+ * -1 : PubKeyX25519 / PubKeyEcdhP256 // Ephemeral_pub
* 4 : bstr, // KID : EEK ID
* },
* ciphertext : nil
@@ -48,14 +60,14 @@
* ]
* ]
*
- * K = HKDF-256(ECDH(EEK_pub, Ephemeral_priv), Context)
- *
- * Context = [ // COSE_KDF_Context
+ * // The COSE_KDF_Context that is used to derive the ProtectedData encryption key with
+ * // HKDF. See details on use in ProtectedData comments above.
+ * Context = [
* AlgorithmID : 3 // AES-GCM 256
* PartyUInfo : [
* identity : bstr "client"
* nonce : bstr .size 0,
- * other : bstr // Ephemeral pubkey
+ * other : bstr // Ephemeral_pub
* ],
* PartyVInfo : [
* identity : bstr "server",
@@ -68,41 +80,53 @@
* ]
* ]
*
+ * // The data that is encrypted and included in ProtectedData ciphertext (see above).
* ProtectedDataPayload [
* SignedMac,
* Bcc,
* ? AdditionalDKSignatures,
* ]
+ *
+ * // AdditionalDKSignatures allows the platform to provide additional certifications
+ * // for the DK_pub. For example, this could be provided by the hardware vendor, who
+ * // certifies all of their devices. The SignerName is a free-form string describing
+ * // who generated the signature.
* AdditionalDKSignatures = {
* + SignerName => DKCertChain
* }
*
+ * // SignerName is a string identifier that indicates both the signing authority as
+ * // well as the format of the DKCertChain
* SignerName = tstr
*
* DKCertChain = [
- * 2* Certificate // Root -> Leaf. Root is the vendor
- * // self-signed cert, leaf contains DK_pub
+ * 2* X509Certificate // Root -> ... -> Leaf. "Root" is the vendor self-signed
+ * // cert, "Leaf" contains DK_pub. There may also be
+ * // intermediate certificates between Root and Leaf.
* ]
*
- * Certificate = COSE_Sign1 of a public key
+ * // A bstr containing a DER-encoded X.509 certificate (RSA, NIST P-curve, or edDSA)
+ * X509Certificate = bstr
*
- * SignedMac = [ // COSE_Sign1
- * bstr .cbor { // Protected params
- * 1 : AlgorithmEdDSA / AlgorithmES256, // Algorithm
+ * // The SignedMac, which authenticates the MAC key that is used to authenticate the
+ * // keysToSign.
+ * SignedMac = [ // COSE_Sign1
+ * bstr .cbor { // Protected params
+ * 1 : AlgorithmEdDSA / AlgorithmES256, // Algorithm
* },
- * {}, // Unprotected params
- * bstr .size 32, // MAC key
+ * {}, // Unprotected params
+ * bstr .size 32, // Payload: MAC key
* bstr // PureEd25519(KM_priv, bstr .cbor SignedMac_structure) /
* // ECDSA(KM_priv, bstr .cbor SignedMac_structure)
* ]
*
- * SignedMac_structure = [
+ * SignedMac_structure = [ // COSE Sig_structure
* "Signature1",
- * bstr .cbor { // Protected params
- * 1 : AlgorithmEdDSA / AlgorithmES256, // Algorithm
+ * bstr .cbor { // Protected params
+ * 1 : AlgorithmEdDSA / AlgorithmES256, // Algorithm
* },
- * bstr .cbor SignedMacAad
- * bstr .size 32 // MAC key
+ * bstr .cbor SignedMacAad,
+ * bstr .size 32 // MAC key
* ]
*
* SignedMacAad = [
@@ -114,31 +138,48 @@
* // the signature.
* ]
*
+ * VerifiedDeviceInfo = DeviceInfo // See DeviceInfo.aidl
+ *
+ * // The BCC is the boot certificate chain, containing measurements about the device
+ * // boot chain. The BCC generally follows the Open Profile for DICE specification at
+ * // https://pigweed.googlesource.com/open-dice/+/HEAD/docs/specification.md.
+ * //
+ * // The first entry in the Bcc is the DK_pub, encoded as a COSE_key. All entries after
+ * // the first describe a link in the boot chain (e.g. bootloaders: BL1, BL2, ... BLN).
+ * // Note that there is no BccEntry for DK_pub, only a "bare" COSE_key.
* Bcc = [
* PubKeyEd25519 / PubKeyECDSA256, // DK_pub
* + BccEntry, // Root -> leaf (KM_pub)
* ]
*
- * BccPayload = { // CWT
- * 1 : tstr, // Issuer
- * 2 : tstr, // Subject
- * // See the Open Profile for DICE for details on these fields.
- * ? -4670545 : bstr, // Code Hash
- * ? -4670546 : bstr, // Code Descriptor
- * ? -4670547 : bstr, // Configuration Hash
- * ? -4670548 : bstr .cbor { // Configuration Descriptor
- * ? -70002 : tstr, // Component name
- * ? -70003 : int, // Firmware version
- * ? -70004 : null, // Resettable
- * },
- * ? -4670549 : bstr, // Authority Hash
- * ? -4670550 : bstr, // Authority Descriptor
- * ? -4670551 : bstr, // Mode
+ * // This is the signed payload for each entry in the Bcc. Note that the "Configuration
+ * // Input Values" described by the Open Profile are not used here. Instead, the Bcc
+ * // defines its own configuration values for the Configuration Descriptor field. See
+ * // the Open Profile for DICE for more details on the fields. All hashes are SHA256.
+ * BccPayload = { // CWT [RFC8392]
+ * 1 : tstr, // Issuer
+ * 2 : tstr, // Subject
* -4670552 : bstr .cbor PubKeyEd25519 /
- * bstr .cbor PubKeyECDSA256 // Subject Public Key
- * -4670553 : bstr // Key Usage
+ * bstr .cbor PubKeyECDSA256, // Subject Public Key
+ * -4670553 : bstr // Key Usage
+ *
+ * // NOTE: All of the following fields may be omitted for a "Degenerate BCC", as
+ * // described by IRemotelyProvisionedComponent.aidl.
+ * -4670545 : bstr, // Code Hash
+ * ? -4670546 : bstr, // Code Descriptor
+ * ? -4670547 : bstr, // Configuration Hash
+ * -4670548 : bstr .cbor { // Configuration Descriptor
+ * ? -70002 : tstr, // Component name
+ * ? -70003 : int, // Firmware version
+ * ? -70004 : null, // Resettable
+ * },
+ * -4670549 : bstr, // Authority Hash
+ * ? -4670550 : bstr, // Authority Descriptor
+ * -4670551 : bstr, // Mode
* }
*
+ * // Each entry in the Bcc is a BccPayload signed by the key from the previous entry
+ * // in the Bcc array.
* BccEntry = [ // COSE_Sign1 (untagged)
* protected : bstr .cbor {
* 1 : AlgorithmEdDSA / AlgorithmES256, // Algorithm
@@ -159,8 +200,8 @@
* payload: bstr .cbor BccPayload
* ]
*
- * VerifiedDeviceInfo = DeviceInfo // See DeviceInfo.aidl
- *
+ * // The following section defines some types that are reused throughout the above
+ * // data structures.
* PubKeyX25519 = { // COSE_Key
* 1 : 1, // Key type : Octet Key Pair
* -1 : 4, // Curve : X25519
@@ -168,25 +209,25 @@
* }
*
* PubKeyEd25519 = { // COSE_Key
- * 1 : 1, // Key type : octet key pair
- * 3 : AlgorithmEdDSA, // Algorithm : EdDSA
- * -1 : 6, // Curve : Ed25519
- * -2 : bstr // X coordinate, little-endian
+ * 1 : 1, // Key type : octet key pair
+ * 3 : AlgorithmEdDSA, // Algorithm : EdDSA
+ * -1 : 6, // Curve : Ed25519
+ * -2 : bstr // X coordinate, little-endian
* }
*
- * PubKeyEcdhP256 = { // COSE_Key
- * 1 : 2, // Key type : EC2
- * -1 : 1, // Curve : P256
- * -2 : bstr // Sender X coordinate
- * -3 : bstr // Sender Y coordinate
+ * PubKeyEcdhP256 = { // COSE_Key
+ * 1 : 2, // Key type : EC2
+ * -1 : 1, // Curve : P256
+ * -2 : bstr // Sender X coordinate
+ * -3 : bstr // Sender Y coordinate
* }
*
- * PubKeyECDSA256 = { // COSE_Key
- * 1 : 2, // Key type : EC2
- * 3 : AlgorithmES256, // Algorithm : ECDSA w/ SHA-256
- * -1 : 1, // Curve: P256
- * -2 : bstr, // X coordinate
- * -3 : bstr // Y coordinate
+ * PubKeyECDSA256 = { // COSE_Key
+ * 1 : 2, // Key type : EC2
+ * 3 : AlgorithmES256, // Algorithm : ECDSA w/ SHA-256
+ * -1 : 1, // Curve: P256
+ * -2 : bstr, // X coordinate
+ * -3 : bstr // Y coordinate
* }
*
* AlgorithmES256 = -7
diff --git a/security/keymint/aidl/vts/functional/SecureElementProvisioningTest.cpp b/security/keymint/aidl/vts/functional/SecureElementProvisioningTest.cpp
index 6f13867..e630f70 100644
--- a/security/keymint/aidl/vts/functional/SecureElementProvisioningTest.cpp
+++ b/security/keymint/aidl/vts/functional/SecureElementProvisioningTest.cpp
@@ -57,6 +57,15 @@
}
}
+ int32_t AidlVersion(shared_ptr<IKeyMintDevice> keymint) {
+ int32_t version = 0;
+ auto status = keymint->getInterfaceVersion(&version);
+ if (!status.isOk()) {
+ ADD_FAILURE() << "Failed to determine interface version";
+ }
+ return version;
+ }
+
static map<SecurityLevel, shared_ptr<IKeyMintDevice>> keymints_;
};
@@ -73,12 +82,14 @@
}
TEST_F(SecureElementProvisioningTest, TeeOnly) {
- if (keymints_.empty()) {
- GTEST_SKIP() << "Test not applicable to device with no KeyMint devices";
+ if (keymints_.count(SecurityLevel::TRUSTED_ENVIRONMENT) == 0) {
+ GTEST_SKIP() << "Test not applicable to device with no TEE KeyMint device";
}
- ASSERT_EQ(keymints_.count(SecurityLevel::TRUSTED_ENVIRONMENT), 1);
auto tee = keymints_.find(SecurityLevel::TRUSTED_ENVIRONMENT)->second;
- ASSERT_NE(tee, nullptr);
+ // Execute the test only for KeyMint version >= 2.
+ if (AidlVersion(tee) < 2) {
+ GTEST_SKIP() << "Test not applicable to TEE KeyMint device before v2";
+ }
array<uint8_t, 16> challenge1 = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
array<uint8_t, 16> challenge2 = {1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
@@ -111,12 +122,14 @@
}
TEST_F(SecureElementProvisioningTest, TeeDoesNotImplementStrongBoxMethods) {
- if (keymints_.empty()) {
- GTEST_SKIP() << "Test not applicable to device with no KeyMint devices";
+ if (keymints_.count(SecurityLevel::TRUSTED_ENVIRONMENT) == 0) {
+ GTEST_SKIP() << "Test not applicable to device with no TEE KeyMint device";
}
- ASSERT_EQ(keymints_.count(SecurityLevel::TRUSTED_ENVIRONMENT), 1);
auto tee = keymints_.find(SecurityLevel::TRUSTED_ENVIRONMENT)->second;
- ASSERT_NE(tee, nullptr);
+ // Execute the test only for KeyMint version >= 2.
+ if (AidlVersion(tee) < 2) {
+ GTEST_SKIP() << "Test not applicable to TEE KeyMint device before v2";
+ }
array<uint8_t, 16> challenge;
Status result = tee->getRootOfTrustChallenge(&challenge);
@@ -135,9 +148,11 @@
// Need a StrongBox to provision.
GTEST_SKIP() << "Test not applicable to device with no StrongBox KeyMint device";
}
-
+ // Execute the test only for KeyMint version >= 2.
auto sb = keymints_.find(SecurityLevel::STRONGBOX)->second;
- ASSERT_NE(sb, nullptr);
+ if (AidlVersion(sb) < 2) {
+ GTEST_SKIP() << "Test not applicable to StrongBox KeyMint device before v2";
+ }
vector<uint8_t> rootOfTrust;
Status result = sb->getRootOfTrust({}, &rootOfTrust);
@@ -151,14 +166,19 @@
// Need a StrongBox to provision.
GTEST_SKIP() << "Test not applicable to device with no StrongBox KeyMint device";
}
-
- ASSERT_EQ(keymints_.count(SecurityLevel::TRUSTED_ENVIRONMENT), 1);
- auto tee = keymints_.find(SecurityLevel::TRUSTED_ENVIRONMENT)->second;
- ASSERT_NE(tee, nullptr);
-
- ASSERT_EQ(keymints_.count(SecurityLevel::STRONGBOX), 1);
+ // Execute the test only for KeyMint version >= 2.
auto sb = keymints_.find(SecurityLevel::STRONGBOX)->second;
- ASSERT_NE(sb, nullptr);
+ if (AidlVersion(sb) < 2) {
+ GTEST_SKIP() << "Test not applicable to StrongBox KeyMint device before v2";
+ }
+
+ if (keymints_.count(SecurityLevel::TRUSTED_ENVIRONMENT) == 0) {
+ GTEST_SKIP() << "Test not applicable to device with no TEE KeyMint device";
+ }
+ auto tee = keymints_.find(SecurityLevel::TRUSTED_ENVIRONMENT)->second;
+ if (AidlVersion(tee) < 2) {
+ GTEST_SKIP() << "Test not applicable to TEE KeyMint device before v2";
+ }
array<uint8_t, 16> challenge;
Status result = sb->getRootOfTrustChallenge(&challenge);
@@ -185,10 +205,11 @@
// Need a StrongBox to provision.
GTEST_SKIP() << "Test not applicable to device with no StrongBox KeyMint device";
}
-
- ASSERT_EQ(keymints_.count(SecurityLevel::STRONGBOX), 1);
+ // Execute the test only for KeyMint version >= 2.
auto sb = keymints_.find(SecurityLevel::STRONGBOX)->second;
- ASSERT_NE(sb, nullptr);
+ if (AidlVersion(sb) < 2) {
+ GTEST_SKIP() << "Test not applicable to StrongBox KeyMint device before v2";
+ }
array<uint8_t, 16> challenge1;
Status result = sb->getRootOfTrustChallenge(&challenge1);
@@ -208,14 +229,20 @@
// Need a StrongBox to provision.
GTEST_SKIP() << "Test not applicable to device with no StrongBox KeyMint device";
}
-
- ASSERT_EQ(keymints_.count(SecurityLevel::TRUSTED_ENVIRONMENT), 1);
- auto tee = keymints_.find(SecurityLevel::TRUSTED_ENVIRONMENT)->second;
- ASSERT_NE(tee, nullptr);
-
- ASSERT_EQ(keymints_.count(SecurityLevel::STRONGBOX), 1);
+ // Execute the test only for KeyMint version >= 2.
auto sb = keymints_.find(SecurityLevel::STRONGBOX)->second;
- ASSERT_NE(sb, nullptr);
+ if (AidlVersion(sb) < 2) {
+ GTEST_SKIP() << "Test not applicable to StrongBox KeyMint device before v2";
+ }
+
+ if (keymints_.count(SecurityLevel::TRUSTED_ENVIRONMENT) == 0) {
+ GTEST_SKIP() << "Test not applicable to device with no TEE KeyMint device";
+ }
+ // Execute the test only for KeyMint version >= 2.
+ auto tee = keymints_.find(SecurityLevel::TRUSTED_ENVIRONMENT)->second;
+ if (AidlVersion(tee) < 2) {
+ GTEST_SKIP() << "Test not applicable to TEE KeyMint device before v2";
+ }
array<uint8_t, 16> challenge;
Status result = sb->getRootOfTrustChallenge(&challenge);
@@ -240,14 +267,20 @@
// Need a StrongBox to provision.
GTEST_SKIP() << "Test not applicable to device with no StrongBox KeyMint device";
}
-
- ASSERT_EQ(keymints_.count(SecurityLevel::TRUSTED_ENVIRONMENT), 1);
- auto tee = keymints_.find(SecurityLevel::TRUSTED_ENVIRONMENT)->second;
- ASSERT_NE(tee, nullptr);
-
- ASSERT_EQ(keymints_.count(SecurityLevel::STRONGBOX), 1);
+ // Execute the test only for KeyMint version >= 2.
auto sb = keymints_.find(SecurityLevel::STRONGBOX)->second;
- ASSERT_NE(sb, nullptr);
+ if (AidlVersion(sb) < 2) {
+ GTEST_SKIP() << "Test not applicable to StrongBox KeyMint device before v2";
+ }
+
+ if (keymints_.count(SecurityLevel::TRUSTED_ENVIRONMENT) == 0) {
+ GTEST_SKIP() << "Test not applicable to device with no TEE KeyMint device";
+ }
+ // Execute the test only for KeyMint version >= 2.
+ auto tee = keymints_.find(SecurityLevel::TRUSTED_ENVIRONMENT)->second;
+ if (AidlVersion(tee) < 2) {
+ GTEST_SKIP() << "Test not applicable to TEE KeyMint device before v2";
+ }
array<uint8_t, 16> challenge;
Status result = sb->getRootOfTrustChallenge(&challenge);