From 58ce93480b1731b01d8a732179a7c7cf2970e97d Mon Sep 17 00:00:00 2001
From: Shawn Willden <swillden@google.com>
Date: Mon, 24 Apr 2017 08:27:12 -0600
Subject: [PATCH] Add missing application ID tag to AES/HMAC attestation calls

Test: Manually verified by running VTS
Change-Id: Iaba04736e3ccc43a662407a6c18416f20d0ee4ea
---
 .../functional/keymaster_hidl_hal_test.cpp    | 46 +++++++++++--------
 1 file changed, 27 insertions(+), 19 deletions(-)

diff --git a/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp b/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp
index 34483985c0..fcd4dece77 100644
--- a/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp
+++ b/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp
@@ -3932,17 +3932,21 @@ TEST_F(AttestationTest, EcAttestationRequiresAttestationAppId) {
  * Verifies that attesting to AES keys fails in the expected way.
  */
 TEST_F(AttestationTest, AesAttestation) {
-    ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
-                                             .Authorization(TAG_NO_AUTH_REQUIRED)
-                                             .AesEncryptionKey(128)
-                                             .EcbMode()
-                                             .Padding(PaddingMode::PKCS7)));
+    ASSERT_EQ(ErrorCode::OK,
+              GenerateKey(AuthorizationSetBuilder()
+                              .Authorization(TAG_NO_AUTH_REQUIRED)
+                              .AesEncryptionKey(128)
+                              .EcbMode()
+                              .Padding(PaddingMode::PKCS7)));
 
     hidl_vec<hidl_vec<uint8_t>> cert_chain;
-    EXPECT_EQ(ErrorCode::INCOMPATIBLE_ALGORITHM,
-              AttestKey(AuthorizationSetBuilder().Authorization(TAG_ATTESTATION_CHALLENGE,
-                                                                HidlBuf("challenge")),
-                        &cert_chain));
+    EXPECT_EQ(
+        ErrorCode::INCOMPATIBLE_ALGORITHM,
+        AttestKey(
+            AuthorizationSetBuilder()
+                .Authorization(TAG_ATTESTATION_CHALLENGE, HidlBuf("challenge"))
+                .Authorization(TAG_ATTESTATION_APPLICATION_ID, HidlBuf("foo")),
+            &cert_chain));
 }
 
 /*
@@ -3951,18 +3955,22 @@ TEST_F(AttestationTest, AesAttestation) {
  * Verifies that attesting to HMAC keys fails in the expected way.
  */
 TEST_F(AttestationTest, HmacAttestation) {
-    ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
-                                             .Authorization(TAG_NO_AUTH_REQUIRED)
-                                             .HmacKey(128)
-                                             .EcbMode()
-                                             .Digest(Digest::SHA_2_256)
-                                             .Authorization(TAG_MIN_MAC_LENGTH, 128)));
+    ASSERT_EQ(ErrorCode::OK,
+              GenerateKey(AuthorizationSetBuilder()
+                              .Authorization(TAG_NO_AUTH_REQUIRED)
+                              .HmacKey(128)
+                              .EcbMode()
+                              .Digest(Digest::SHA_2_256)
+                              .Authorization(TAG_MIN_MAC_LENGTH, 128)));
 
     hidl_vec<hidl_vec<uint8_t>> cert_chain;
-    EXPECT_EQ(ErrorCode::INCOMPATIBLE_ALGORITHM,
-              AttestKey(AuthorizationSetBuilder().Authorization(TAG_ATTESTATION_CHALLENGE,
-                                                                HidlBuf("challenge")),
-                        &cert_chain));
+    EXPECT_EQ(
+        ErrorCode::INCOMPATIBLE_ALGORITHM,
+        AttestKey(
+            AuthorizationSetBuilder()
+                .Authorization(TAG_ATTESTATION_CHALLENGE, HidlBuf("challenge"))
+                .Authorization(TAG_ATTESTATION_APPLICATION_ID, HidlBuf("foo")),
+            &cert_chain));
 }
 
 typedef KeymasterHidlTest KeyDeletionTest;