Merge "VTS: Test specifying --expect_upgrade {yes,no}"

security/keymint/aidl/vts/functional/KeyBlobUpgradeTest.cpp

@@ -36,11 +36,14 @@
 //
 //      adb push keymint-blobs /data/local/tmp/keymint-blobs
 //
-// 5) Run the "*After*" subset of these tests with the `--keyblob_dir <dir>` command-line argument
-//    pointing to the directory with the keyblobs:
+// 5) Run the "*After*" subset of these tests, with the following command-line arguments
+//    `--keyblob_dir <dir>`: pointing to the directory with the keyblobs.
+//    `--expect_upgrade {yes|no}` (Optional): To specify if users expect an upgrade on the keyBlobs,
+//                                            will be "yes" by default.
 //
 //      VtsAidlKeyMintTargetTest --gtest_filter="*KeyBlobUpgradeTest*After*" \
-//                               --keyblob_dir /data/local/tmp/keymint-blobs
+//                               --keyblob_dir /data/local/tmp/keymint-blobs \
+//                               --expect_upgrade {yes|no}
 //
 //    (Note that this skips the `CreateKeyBlobs` test, which would otherwise replace the saved
 //    keyblobs with freshly generated ones.).
@@ -408,12 +411,18 @@ TEST_P(KeyBlobUpgradeTest, UpgradeKeyBlobsBefore) {
 //
 //     VtsAidlKeyMintTargetTest --gtest_filter="*KeyBlobUpgradeTest.UpgradeKeyBlobsAfter*" \
 //                              --keyblob_dir /data/local/tmp/keymint-blobs
+//                              --expect_upgrade {yes|no}
 //
 // - this replaces the keyblob contents in that directory; if needed, save the upgraded keyblobs
 //   with:
 //      adb pull /data/local/tmp/keymint-blobs/
 TEST_P(KeyBlobUpgradeTest, UpgradeKeyBlobsAfter) {
-    UpgradeKeyBlobs(/* expectUpgrade= */ true);
+    bool expectUpgrade = true;  // this test expects upgrade to happen by default
+    if (expect_upgrade.has_value() && expect_upgrade == false) {
+        std::cout << "Not expecting key upgrade due to --expect_upgrade no\n";
+        expectUpgrade = false;
+    }
+    UpgradeKeyBlobs(expectUpgrade);
 }
 
 // To run this test:

security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp

@@ -174,6 +174,7 @@ string x509NameToStr(X509_NAME* name) {
 bool KeyMintAidlTestBase::arm_deleteAllKeys = false;
 bool KeyMintAidlTestBase::dump_Attestations = false;
 std::string KeyMintAidlTestBase::keyblob_dir;
+std::optional<bool> KeyMintAidlTestBase::expect_upgrade = std::nullopt;
 
 uint32_t KeyMintAidlTestBase::boot_patch_level(
         const vector<KeyCharacteristics>& key_characteristics) {

security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h

@@ -70,6 +70,8 @@ class KeyMintAidlTestBase : public ::testing::TestWithParam<string> {
     // Directory to store/retrieve keyblobs, using subdirectories named for the
     // KeyMint instance in question (e.g. "./default/", "./strongbox/").
     static std::string keyblob_dir;
+    // To specify if users expect an upgrade on the keyBlobs.
+    static std::optional<bool> expect_upgrade;
 
     void SetUp() override;
     void TearDown() override {

security/keymint/aidl/vts/functional/KeyMintTest.cpp

@@ -8718,6 +8718,19 @@ int main(int argc, char** argv) {
                         std::string(argv[i + 1]);
                 ++i;
             }
+            if (std::string(argv[i]) == "--expect_upgrade") {
+                if (i + 1 >= argc) {
+                    std::cerr << "Missing argument for --expect_upgrade\n";
+                    return 1;
+                }
+                std::string arg = argv[i + 1];
+                aidl::android::hardware::security::keymint::test::KeyMintAidlTestBase::
+                        expect_upgrade =
+                                arg == "yes"
+                                        ? true
+                                        : (arg == "no" ? false : std::optional<bool>(std::nullopt));
+                ++i;
+            }
         }
     }
     return RUN_ALL_TESTS();