Evolution-x/hardware_interfaces
1
0
Fork 0
mirror of https://github.com/Evolution-X/hardware_interfaces synced 2026-02-01 16:09:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Do not require StrongBox to implement RKP

Browse Source 
Detect if there is an IRemotelyProvisionedComponent for strongbox, and
if so run the associated keymint tests. Else, allow strongbox to skip
the test as it's not required to implement the IRPC HAL.

Bug: 271948302
Test: VtsAidlKeyMintTargetTest
Change-Id: Ibf98e594e725d6ad14c0ff189ab9fbcc25b51f80
This commit is contained in:
Seth Moore
2023-03-24 12:29:08 -07:00
parent 6f135a7a19
commit 5a0320fbda
1 changed files with 19 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
security/keymint/aidl/vts/functional/KeyMintTest.cpp
View File

@@ -590,8 +590,7 @@ string device_suffix(const string& name) {
return name.substr(pos + 1);
}
bool matching_rp_instance(const string& km_name,
std::shared_ptr<IRemotelyProvisionedComponent>* rp) {
std::shared_ptr<IRemotelyProvisionedComponent> matching_rp_instance(const std::string& km_name) {
string km_suffix = device_suffix(km_name);
vector<string> rp_names =
@@ -601,11 +600,10 @@ bool matching_rp_instance(const string& km_name,
// KeyMint instance, assume they match.
if (device_suffix(rp_name) == km_suffix && AServiceManager_isDeclared(rp_name.c_str())) {
::ndk::SpAIBinder binder(AServiceManager_waitForService(rp_name.c_str()));
*rp = IRemotelyProvisionedComponent::fromBinder(binder);
return true;
return IRemotelyProvisionedComponent::fromBinder(binder);
}
}
return false;
return nullptr;
}
} // namespace
@@ -1140,11 +1138,14 @@ TEST_P(NewKeyGenerationTest, RsaWithRkpAttestation) {
GTEST_SKIP() << "RKP support is not required on this platform";
}
// There should be an IRemotelyProvisionedComponent instance associated with the KeyMint
// instance.
std::shared_ptr<IRemotelyProvisionedComponent> rp;
ASSERT_TRUE(matching_rp_instance(GetParam(), &rp))
<< "No IRemotelyProvisionedComponent found that matches KeyMint device " << GetParam();
// Check for an IRemotelyProvisionedComponent instance associated with the
// KeyMint instance.
std::shared_ptr<IRemotelyProvisionedComponent> rp = matching_rp_instance(GetParam());
if (rp == nullptr && SecLevel() == SecurityLevel::STRONGBOX) {
GTEST_SKIP() << "Encountered StrongBox implementation that does not support RKP";
}
ASSERT_NE(rp, nullptr) << "No IRemotelyProvisionedComponent found that matches KeyMint device "
<< GetParam();
// Generate a P-256 keypair to use as an attestation key.
MacedPublicKey macedPubKey;
@@ -1218,11 +1219,14 @@ TEST_P(NewKeyGenerationTest, EcdsaWithRkpAttestation) {
GTEST_SKIP() << "RKP support is not required on this platform";
}
// There should be an IRemotelyProvisionedComponent instance associated with the KeyMint
// instance.
std::shared_ptr<IRemotelyProvisionedComponent> rp;
ASSERT_TRUE(matching_rp_instance(GetParam(), &rp))
<< "No IRemotelyProvisionedComponent found that matches KeyMint device " << GetParam();
// Check for an IRemotelyProvisionedComponent instance associated with the
// KeyMint instance.
std::shared_ptr<IRemotelyProvisionedComponent> rp = matching_rp_instance(GetParam());
if (rp == nullptr && SecLevel() == SecurityLevel::STRONGBOX) {
GTEST_SKIP() << "Encountered StrongBox implementation that does not support RKP";
}
ASSERT_NE(rp, nullptr) << "No IRemotelyProvisionedComponent found that matches KeyMint device "
<< GetParam();
// Generate a P-256 keypair to use as an attestation key.
MacedPublicKey macedPubKey;