From 1a545db363c528bfb12c92fb24fd9426f84e9f86 Mon Sep 17 00:00:00 2001
From: Shawn Willden <swillden@google.com>
Date: Wed, 22 Feb 2023 14:32:33 -0700
Subject: [PATCH] Update KeyMint VTS tests to use pre-defined API level symbols

Test: VtsKeyMintAidlTargetTest
Change-Id: I11ccd0c4959a2b3504009fdd95f4a313a5d6d5f6
---
 security/keymint/aidl/vts/functional/AttestKeyTest.cpp    | 2 +-
 .../keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp   | 8 ++++----
 security/keymint/aidl/vts/functional/KeyMintTest.cpp      | 8 ++++----
 3 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
index 8027dce4d6..bbf363370d 100644
--- a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
+++ b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
@@ -106,7 +106,7 @@ class AttestKeyTest : public KeyMintAidlTestBase {
         // with any other key purpose, but the original VTS tests incorrectly did exactly that.
         // This means that a device that launched prior to Android T (API level 33) may
         // accept or even require KeyPurpose::SIGN too.
-        if (property_get_int32("ro.board.first_api_level", 0) < 33) {
+        if (property_get_int32("ro.board.first_api_level", 0) < __ANDROID_API_T__) {
             AuthorizationSet key_desc_plus_sign = key_desc;
             key_desc_plus_sign.push_back(TAG_PURPOSE, KeyPurpose::SIGN);
 
diff --git a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
index 41d47eee8c..d1f9651bec 100644
--- a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
@@ -214,7 +214,7 @@ uint32_t KeyMintAidlTestBase::boot_patch_level() {
  * which is mandatory for KeyMint version 2 or first_api_level 33 or greater.
  */
 bool KeyMintAidlTestBase::isDeviceIdAttestationRequired() {
-    return AidlVersion() >= 2 || property_get_int32("ro.vendor.api_level", 0) >= 33;
+    return AidlVersion() >= 2 || property_get_int32("ro.vendor.api_level", 0) >= __ANDROID_API_T__;
 }
 
 /**
@@ -222,7 +222,7 @@ bool KeyMintAidlTestBase::isDeviceIdAttestationRequired() {
  * which is supported for KeyMint version 3 or first_api_level greater than 33.
  */
 bool KeyMintAidlTestBase::isSecondImeiIdAttestationRequired() {
-    return AidlVersion() >= 3 && property_get_int32("ro.vendor.api_level", 0) > 33;
+    return AidlVersion() >= 3 && property_get_int32("ro.vendor.api_level", 0) > __ANDROID_API_T__;
 }
 
 bool KeyMintAidlTestBase::Curve25519Supported() {
@@ -845,7 +845,7 @@ void KeyMintAidlTestBase::CheckEncryptOneByteAtATime(BlockMode block_mode, const
         int vendor_api_level = property_get_int32("ro.vendor.api_level", 0);
         if (SecLevel() == SecurityLevel::STRONGBOX) {
             // This is known to be broken on older vendor implementations.
-            if (vendor_api_level < 33) {
+            if (vendor_api_level < __ANDROID_API_T__) {
                 compare_output = false;
             } else {
                 additional_information = " (b/194134359) ";
@@ -2043,7 +2043,7 @@ void p256_pub_key(const vector<uint8_t>& coseKeyData, EVP_PKEY_Ptr* signingKey)
 }
 
 void device_id_attestation_vsr_check(const ErrorCode& result) {
-    if (get_vsr_api_level() >= 34) {
+    if (get_vsr_api_level() > __ANDROID_API_T__) {
         ASSERT_FALSE(result == ErrorCode::INVALID_TAG)
                 << "It is a specification violation for INVALID_TAG to be returned due to ID "
                 << "mismatch in a Device ID Attestation call. INVALID_TAG is only intended to "
diff --git a/security/keymint/aidl/vts/functional/KeyMintTest.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
index 357405ffb4..9e66f086b2 100644
--- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
@@ -1136,7 +1136,7 @@ TEST_P(NewKeyGenerationTest, RsaWithAttestation) {
  * that has been generated using an associate IRemotelyProvisionedComponent.
  */
 TEST_P(NewKeyGenerationTest, RsaWithRkpAttestation) {
-    if (get_vsr_api_level() < 32 || AidlVersion() < 2) {
+    if (get_vsr_api_level() < __ANDROID_API_T__ || AidlVersion() < 2) {
         GTEST_SKIP() << "Only required for VSR 12+ and KeyMint 2+";
     }
 
@@ -1214,7 +1214,7 @@ TEST_P(NewKeyGenerationTest, RsaWithRkpAttestation) {
  * that has been generated using an associate IRemotelyProvisionedComponent.
  */
 TEST_P(NewKeyGenerationTest, EcdsaWithRkpAttestation) {
-    if (get_vsr_api_level() <= 32 || AidlVersion() < 2) {
+    if (get_vsr_api_level() < __ANDROID_API_T__ || AidlVersion() < 2) {
         GTEST_SKIP() << "Only required for VSR 12+ and KeyMint 2+";
     }
 
@@ -8629,7 +8629,7 @@ using VsrRequirementTest = KeyMintAidlTestBase;
 
 TEST_P(VsrRequirementTest, Vsr13Test) {
     int vsr_api_level = get_vsr_api_level();
-    if (vsr_api_level < 33) {
+    if (vsr_api_level < __ANDROID_API_T__) {
         GTEST_SKIP() << "Applies only to VSR API level 33, this device is: " << vsr_api_level;
     }
     EXPECT_GE(AidlVersion(), 2) << "VSR 13+ requires KeyMint version 2";
@@ -8637,7 +8637,7 @@ TEST_P(VsrRequirementTest, Vsr13Test) {
 
 TEST_P(VsrRequirementTest, Vsr14Test) {
     int vsr_api_level = get_vsr_api_level();
-    if (vsr_api_level < 34) {
+    if (vsr_api_level < __ANDROID_API_U__) {
         GTEST_SKIP() << "Applies only to VSR API level 34, this device is: " << vsr_api_level;
     }
     EXPECT_GE(AidlVersion(), 3) << "VSR 14+ requires KeyMint version 3";