Merge "Add missing application ID tag to AES/HMAC attestation calls" into oc-dev

2026-02-01 16:50:18 +00:00 · 2017-05-05 17:29:21 +00:00
parent 65f7dbc9a9 58ce93480b
commit 585acc6778
1 changed files with 27 additions and 19 deletions
--- a/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp
+++ b/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp
@@ -3932,17 +3932,21 @@ TEST_F(AttestationTest, EcAttestationRequiresAttestationAppId) {
 * Verifies that attesting to AES keys fails in the expected way.
 */
 TEST_F(AttestationTest, AesAttestation) {
-    ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
-                                             .Authorization(TAG_NO_AUTH_REQUIRED)
-                                             .AesEncryptionKey(128)
-                                             .EcbMode()
-                                             .Padding(PaddingMode::PKCS7)));
+    ASSERT_EQ(ErrorCode::OK,
+              GenerateKey(AuthorizationSetBuilder()
+                              .Authorization(TAG_NO_AUTH_REQUIRED)
+                              .AesEncryptionKey(128)
+                              .EcbMode()
+                              .Padding(PaddingMode::PKCS7)));

    hidl_vec<hidl_vec<uint8_t>> cert_chain;
-    EXPECT_EQ(ErrorCode::INCOMPATIBLE_ALGORITHM,
-              AttestKey(AuthorizationSetBuilder().Authorization(TAG_ATTESTATION_CHALLENGE,
-                                                                HidlBuf("challenge")),
-                        &cert_chain));
+    EXPECT_EQ(
+        ErrorCode::INCOMPATIBLE_ALGORITHM,
+        AttestKey(
+            AuthorizationSetBuilder()
+                .Authorization(TAG_ATTESTATION_CHALLENGE, HidlBuf("challenge"))
+                .Authorization(TAG_ATTESTATION_APPLICATION_ID, HidlBuf("foo")),
+            &cert_chain));
 }

 /*
@@ -3951,18 +3955,22 @@ TEST_F(AttestationTest, AesAttestation) {
 * Verifies that attesting to HMAC keys fails in the expected way.
 */
 TEST_F(AttestationTest, HmacAttestation) {
-    ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
-                                             .Authorization(TAG_NO_AUTH_REQUIRED)
-                                             .HmacKey(128)
-                                             .EcbMode()
-                                             .Digest(Digest::SHA_2_256)
-                                             .Authorization(TAG_MIN_MAC_LENGTH, 128)));
+    ASSERT_EQ(ErrorCode::OK,
+              GenerateKey(AuthorizationSetBuilder()
+                              .Authorization(TAG_NO_AUTH_REQUIRED)
+                              .HmacKey(128)
+                              .EcbMode()
+                              .Digest(Digest::SHA_2_256)
+                              .Authorization(TAG_MIN_MAC_LENGTH, 128)));

    hidl_vec<hidl_vec<uint8_t>> cert_chain;
-    EXPECT_EQ(ErrorCode::INCOMPATIBLE_ALGORITHM,
-              AttestKey(AuthorizationSetBuilder().Authorization(TAG_ATTESTATION_CHALLENGE,
-                                                                HidlBuf("challenge")),
-                        &cert_chain));
+    EXPECT_EQ(
+        ErrorCode::INCOMPATIBLE_ALGORITHM,
+        AttestKey(
+            AuthorizationSetBuilder()
+                .Authorization(TAG_ATTESTATION_CHALLENGE, HidlBuf("challenge"))
+                .Authorization(TAG_ATTESTATION_APPLICATION_ID, HidlBuf("foo")),
+            &cert_chain));
 }

 typedef KeymasterHidlTest KeyDeletionTest;