Snap for 12319997 from 5c3d26dccdd36208a39765aa8124bc9e824952f0 to 24Q4-release
Change-Id: Id165184b040142b85499ba7be6763cbe7f30b7a1
diff --git a/keystore2/test_utils/key_generations.rs b/keystore2/test_utils/key_generations.rs
index 258c68f..e2f0b3e 100644
--- a/keystore2/test_utils/key_generations.rs
+++ b/keystore2/test_utils/key_generations.rs
@@ -466,14 +466,19 @@
return true;
}
+ // Don't check these parameters if the underlying device is a Keymaster implementation.
if sl.is_keymaster() {
- // `Tag::USAGE_COUNT_LIMIT` was added in KeyMint 1.0, so don't check for it if the
- // underlying device is a Keymaster implementation.
- if matches!(key_param.tag, Tag::USAGE_COUNT_LIMIT) {
+ if matches!(
+ key_param.tag,
+ // `Tag::USAGE_COUNT_LIMIT` was added in KeyMint 1.0.
+ Tag::USAGE_COUNT_LIMIT |
+ // Keymaster implementations may not consistently include `Tag::VENDOR_PATCHLEVEL`
+ // in generated key characteristics.
+ Tag::VENDOR_PATCHLEVEL
+ ) {
return true;
}
- // `KeyPurpose::ATTEST_KEY` was added in KeyMint 1.0, so don't check for it if the
- // underlying device is a Keymaster implementation.
+ // `KeyPurpose::ATTEST_KEY` was added in KeyMint 1.0.
if key_param.tag == Tag::PURPOSE
&& key_param.value == KeyParameterValue::KeyPurpose(KeyPurpose::ATTEST_KEY)
{
diff --git a/keystore2/tests/keystore2_client_attest_key_tests.rs b/keystore2/tests/keystore2_client_attest_key_tests.rs
index e2eacc4..f723d02 100644
--- a/keystore2/tests/keystore2_client_attest_key_tests.rs
+++ b/keystore2/tests/keystore2_client_attest_key_tests.rs
@@ -562,6 +562,8 @@
#[test]
fn keystore2_attest_key_fails_with_invalid_attestation_id() {
skip_test_if_no_device_id_attestation_feature!();
+ skip_device_id_attestation_tests!();
+ skip_test_if_no_app_attest_key_feature!();
let sl = SecLevel::tee();