commit c8fb3bf12d46b3634c2e62708221b4798ef3d600
author Karuna Wadhera <kwadhera@google.com> Mon Jul 01 12:54:25 2024 +0000
committer Gerrit Code Review <noreply-gerritcodereview@google.com> Mon Jul 01 12:54:30 2024 +0000
tree 4b4c38163edec5e0a92f693f53e0635e637ac609
parent 4b4a51928abc461296f08542d46e9eff6a2211be

Revert "Adjust tests to account for new DICE mode check"

Revert submission 3092923-revertrevert340296231

Reason for revert: b/350415187

Reverted changes: /q/submissionid:3092923-revertrevert340296231

Change-Id: I844a8a99f2f9c937b1a29f569fb8de9494bbf82e

compos/tests/java/android/compos/test/ComposTestCase.java

diff --git a/compos/tests/java/android/compos/test/ComposTestCase.java b/compos/tests/java/android/compos/test/ComposTestCase.java
index b70e367..b31f4f3 100644
--- a/compos/tests/java/android/compos/test/ComposTestCase.java
+++ b/compos/tests/java/android/compos/test/ComposTestCase.java
@@ -197,7 +197,6 @@
                                 10000,
                                 validator.getAbsolutePath(),
                                 "dice-chain",
-                                "--allow-any-mode",
                                 bcc_file.getAbsolutePath());
         assertWithMessage("hwtrust failed").about(command_results()).that(result).isSuccess();
     }

rialto/tests/test.rs

diff --git a/rialto/tests/test.rs b/rialto/tests/test.rs
index c2e45f2..0d57301 100644
--- a/rialto/tests/test.rs
+++ b/rialto/tests/test.rs
@@ -71,7 +71,7 @@
 
     check_processing_reverse_request(&mut vm)?;
     let key_pair = check_processing_generating_key_pair_request(&mut vm)?;
-    check_processing_generating_certificate_request(&mut vm, &key_pair.maced_public_key, vm_type)?;
+    check_processing_generating_certificate_request(&mut vm, &key_pair.maced_public_key)?;
     check_attestation_request(&mut vm, &key_pair, vm_type)?;
     Ok(())
 }
@@ -111,7 +111,6 @@
 fn check_processing_generating_certificate_request(
     vm: &mut ServiceVm,
     maced_public_key: &[u8],
-    vm_type: VmType,
 ) -> Result<()> {
     let params = GenerateCertificateRequestParams {
         keys_to_sign: vec![maced_public_key.to_vec()],
@@ -123,7 +122,7 @@
     info!("Received response: {response:?}.");
 
     match response {
-        Response::GenerateCertificateRequest(csr) => check_csr(csr, vm_type),
+        Response::GenerateCertificateRequest(csr) => check_csr(csr),
         _ => bail!("Incorrect response type: {response:?}"),
     }
 }
@@ -276,14 +275,8 @@
     Ok(())
 }
 
-fn check_csr(csr: Vec<u8>, vm_type: VmType) -> Result<()> {
-    let mut session = Session::default();
-
-    // Allow any mode for non-protected VMs because they use a fake DICE chain with the mode set to
-    // debug.
-    session.set_allow_any_mode(vm_type == VmType::NonProtectedVm);
-
-    let _csr = rkp::Csr::from_cbor(&session, &csr[..]).context("Failed to parse CSR")?;
+fn check_csr(csr: Vec<u8>) -> Result<()> {
+    let _csr = rkp::Csr::from_cbor(&Session::default(), &csr[..]).context("Failed to parse CSR")?;
     Ok(())
 }