AuthGraph VTS: detect additional errors

A failure to get the IAuthGraphKeyExchange/nonsecure instance might be because it's not registered (likely on most non-Cuttlefish devices) or it might be for some other reason, such as SELinux denial. So detect other kinds of failure to get the service, and also change the VTS to require root so SELinux denials don't happen. Also tweak the expected return code when a source is given a corrupt key; now that replay protection is implemented, the reference implementation rejects this earlier (and with a different error) because the session lookup fails. Test: VtsAidlAuthGraphRoleTest Bug: 291228560 Change-Id: I032600ac809f43a3642fa9ef9aae788d3ca2378f
2026-02-01 11:36:00 +00:00 · 2023-11-21 10:18:08 +00:00
parent 3fb1cddadc
commit 087ead1608
3 changed files with 15 additions and 5 deletions
--- a/security/authgraph/aidl/vts/functional/Android.bp
+++ b/security/authgraph/aidl/vts/functional/Android.bp
@@ -50,6 +50,7 @@ cc_test {
 rust_test {
    name: "VtsAidlAuthGraphRoleTest",
    srcs: ["role_test.rs"],
+    require_root: true,
    test_suites: [
        "general-tests",
        "vts",
--- a/security/authgraph/aidl/vts/functional/role_test.rs
+++ b/security/authgraph/aidl/vts/functional/role_test.rs
@@ -22,13 +22,18 @@ use authgraph_vts_test as vts;
 use android_hardware_security_authgraph::aidl::android::hardware::security::authgraph::{
    IAuthGraphKeyExchange::IAuthGraphKeyExchange,
 };
+use binder::StatusCode;

 const AUTH_GRAPH_NONSECURE: &str =
    "android.hardware.security.authgraph.IAuthGraphKeyExchange/nonsecure";

 /// Retrieve the /nonsecure instance of AuthGraph, which supports both sink and source roles.
 fn get_nonsecure() -> Option<binder::Strong<dyn IAuthGraphKeyExchange>> {
-    binder::get_interface(AUTH_GRAPH_NONSECURE).ok()
+    match binder::get_interface(AUTH_GRAPH_NONSECURE) {
+        Ok(ag) => Some(ag),
+        Err(StatusCode::NAME_NOT_FOUND) => None,
+        Err(e) => panic!("failed to get AuthGraph/nonsecure: {e:?}"),
+    }
 }

 /// Macro to require availability of a /nonsecure instance of AuthGraph.
--- a/security/authgraph/aidl/vts/functional/source.rs
+++ b/security/authgraph/aidl/vts/functional/source.rs
@@ -250,9 +250,13 @@ pub fn test_corrupt_key(
        &corrupt_key,
    );

-    let err = result.expect_err("expect failure with corrupt signature");
-    assert_eq!(
-        err,
-        binder::Status::new_service_specific_error(Error::INVALID_PRIV_KEY_ARC_IN_KEY.0, None)
+    let err = result.expect_err("expect failure with corrupt key");
+    assert!(
+        err == binder::Status::new_service_specific_error(Error::INVALID_KE_KEY.0, None)
+            || err
+                == binder::Status::new_service_specific_error(
+                    Error::INVALID_PRIV_KEY_ARC_IN_KEY.0,
+                    None
+                )
    );
 }