commit dd4cdfdca8279d0e769a40ed0379ba6ebe4f2637
author Catherine Vlasov <cvlasov@google.com> Tue Nov 05 17:00:48 2024 +0000
committer Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> Tue Nov 05 17:00:48 2024 +0000
tree 4b5a49e1c5cd39e91b6ed9cfe44c539a3702adae
parent 819b22537f4237e3783136325a61444f41430ae2
parent 62c4684eb76baf7749e990c5b2bd285914bf3612

Merge "Expect SHA-256 digest for attested VBMeta digest on VSR-V+." into main am: a742007dfa am: 62c4684eb7

Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/3326633

Change-Id: Ied4bbd0ea30820ac20586706df7512dc59202824
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

security/keymint/aidl/vts/functional/BootloaderStateTest.cpp

diff --git a/security/keymint/aidl/vts/functional/BootloaderStateTest.cpp b/security/keymint/aidl/vts/functional/BootloaderStateTest.cpp
index c1f6aee..083a9aa 100644
--- a/security/keymint/aidl/vts/functional/BootloaderStateTest.cpp
+++ b/security/keymint/aidl/vts/functional/BootloaderStateTest.cpp
@@ -109,7 +109,7 @@
     }
 }
 
-// Check that attested vbmeta digest is correct.
+// Check that the attested VBMeta digest is correct.
 TEST_P(BootloaderStateTest, VbmetaDigest) {
     AvbSlotVerifyData* avbSlotData;
     auto suffix = fs_mgr_get_slot_suffix();
@@ -125,21 +125,29 @@
                                   AVB_HASHTREE_ERROR_MODE_EIO, &avbSlotData);
     ASSERT_TRUE(avb_slot_data_loaded(result)) << "Failed to load avb slot data";
 
-    // Unfortunately, bootloader is not required to report the algorithm used
-    // to calculate the digest. There are only two supported options though,
-    // SHA256 and SHA512. Attested VBMeta digest must match one of these.
-    vector<uint8_t> digest256(AVB_SHA256_DIGEST_SIZE);
-    vector<uint8_t> digest512(AVB_SHA512_DIGEST_SIZE);
-
+    vector<uint8_t> sha256Digest(AVB_SHA256_DIGEST_SIZE);
     avb_slot_verify_data_calculate_vbmeta_digest(avbSlotData, AVB_DIGEST_TYPE_SHA256,
-                                                 digest256.data());
-    avb_slot_verify_data_calculate_vbmeta_digest(avbSlotData, AVB_DIGEST_TYPE_SHA512,
-                                                 digest512.data());
+                                                 sha256Digest.data());
 
-    ASSERT_TRUE((attestedVbmetaDigest_ == digest256) || (attestedVbmetaDigest_ == digest512))
-            << "Attested vbmeta digest (" << bin2hex(attestedVbmetaDigest_)
-            << ") does not match computed digest (sha256: " << bin2hex(digest256)
-            << ", sha512: " << bin2hex(digest512) << ").";
+    if (get_vsr_api_level() >= __ANDROID_API_V__) {
+        ASSERT_TRUE(attestedVbmetaDigest_ == sha256Digest)
+                << "Attested VBMeta digest (" << bin2hex(attestedVbmetaDigest_)
+                << ") does not match the expected SHA-256 digest (" << bin2hex(sha256Digest)
+                << ").";
+    } else {
+        // Prior to VSR-V, there was no MUST requirement for the algorithm used by the bootloader
+        // to calculate the VBMeta digest. However, the only two supported options are SHA-256 and
+        // SHA-512, so we expect the attested VBMeta digest to match one of these.
+        vector<uint8_t> sha512Digest(AVB_SHA512_DIGEST_SIZE);
+        avb_slot_verify_data_calculate_vbmeta_digest(avbSlotData, AVB_DIGEST_TYPE_SHA512,
+                                                     sha512Digest.data());
+
+        ASSERT_TRUE((attestedVbmetaDigest_ == sha256Digest) ||
+                    (attestedVbmetaDigest_ == sha512Digest))
+                << "Attested VBMeta digest (" << bin2hex(attestedVbmetaDigest_)
+                << ") does not match the expected digest (SHA-256: " << bin2hex(sha256Digest)
+                << " or SHA-512: " << bin2hex(sha512Digest) << ").";
+    }
 }
 
 INSTANTIATE_KEYMINT_AIDL_TEST(BootloaderStateTest);