commit a42dee61cefd6083648face2d7fb56ffba0f60dd
author Rajesh Nyamagoud <nyamagoud@google.com> Fri Apr 22 21:15:55 2022 +0000
committer Rajesh Nyamagoud <nyamagoud@google.com> Tue Jun 20 19:07:27 2023 +0000
tree af767f4bb82889c1b70196fa1ce9eb0d2b94bbd5
parent cdeb7302af5a30d62aab712a71b32f0b46a4dcaa

Added tests to attest keys with attestation id.

- Generate an RSA/EC attested keys with attestation of the device's
  identifiers. Test should succeed in generatating a attested key with
  attestation of device identifier. Test might fail on devices which
  doesn't support device id attestation with error response code
  `CANNOT_ATTEST_IDS or INVALID_TAG`.

- Try to generate an attested key with attestation of invalid device's
  identifiers. Test should fail with error response `CANNOT_ATTEST_IDS`

- Test to make sure `CANNOT_ATTEST_IDS` error code is returned while
  trying to generate a key on a device which doesn't support
  `FEATURE_DEVICE_ID_ATTESTATION`.

Bug: 194359114
Test: atest keystore2_client_test
Change-Id: Ib57c58d3ea89279eb69db342c3343b8d99ddc639

keystore2/test_utils/authorizations.rs

diff --git a/keystore2/test_utils/authorizations.rs b/keystore2/test_utils/authorizations.rs
index 4608bc5..514cbd3 100644
--- a/keystore2/test_utils/authorizations.rs
+++ b/keystore2/test_utils/authorizations.rs
@@ -161,6 +161,87 @@
             .push(KeyParameter { tag: Tag::MIN_MAC_LENGTH, value: KeyParameterValue::Integer(l) });
         self
     }
+
+    /// Add Attestation-Device-Brand.
+    pub fn attestation_device_brand(mut self, b: Vec<u8>) -> Self {
+        self.0.push(KeyParameter {
+            tag: Tag::ATTESTATION_ID_BRAND,
+            value: KeyParameterValue::Blob(b),
+        });
+        self
+    }
+
+    /// Add Attestation-Device-name.
+    pub fn attestation_device_name(mut self, b: Vec<u8>) -> Self {
+        self.0.push(KeyParameter {
+            tag: Tag::ATTESTATION_ID_DEVICE,
+            value: KeyParameterValue::Blob(b),
+        });
+        self
+    }
+
+    /// Add Attestation-Device-Product-Name.
+    pub fn attestation_device_product_name(mut self, b: Vec<u8>) -> Self {
+        self.0.push(KeyParameter {
+            tag: Tag::ATTESTATION_ID_PRODUCT,
+            value: KeyParameterValue::Blob(b),
+        });
+        self
+    }
+
+    /// Add Attestation-Device-Serial.
+    pub fn attestation_device_serial(mut self, b: Vec<u8>) -> Self {
+        self.0.push(KeyParameter {
+            tag: Tag::ATTESTATION_ID_SERIAL,
+            value: KeyParameterValue::Blob(b),
+        });
+        self
+    }
+
+    /// Add Attestation-Device-IMEI.
+    pub fn attestation_device_imei(mut self, b: Vec<u8>) -> Self {
+        self.0.push(KeyParameter {
+            tag: Tag::ATTESTATION_ID_IMEI,
+            value: KeyParameterValue::Blob(b),
+        });
+        self
+    }
+
+    /// Add Attestation-Device-IMEI.
+    pub fn attestation_device_second_imei(mut self, b: Vec<u8>) -> Self {
+        self.0.push(KeyParameter {
+            tag: Tag::ATTESTATION_ID_SECOND_IMEI,
+            value: KeyParameterValue::Blob(b),
+        });
+        self
+    }
+
+    /// Add Attestation-Device-MEID.
+    pub fn attestation_device_meid(mut self, b: Vec<u8>) -> Self {
+        self.0.push(KeyParameter {
+            tag: Tag::ATTESTATION_ID_MEID,
+            value: KeyParameterValue::Blob(b),
+        });
+        self
+    }
+
+    /// Add Attestation-Device-Manufacturer.
+    pub fn attestation_device_manufacturer(mut self, b: Vec<u8>) -> Self {
+        self.0.push(KeyParameter {
+            tag: Tag::ATTESTATION_ID_MANUFACTURER,
+            value: KeyParameterValue::Blob(b),
+        });
+        self
+    }
+
+    /// Add Attestation-Device-Model.
+    pub fn attestation_device_model(mut self, b: Vec<u8>) -> Self {
+        self.0.push(KeyParameter {
+            tag: Tag::ATTESTATION_ID_MODEL,
+            value: KeyParameterValue::Blob(b),
+        });
+        self
+    }
 }
 
 impl Deref for AuthSetBuilder {