Evolution-x/hardware_interfaces
1
0
Fork 0
mirror of https://github.com/Evolution-X/hardware_interfaces synced 2026-02-01 16:23:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge "Add logging to KeyCharacteristicsBasicallyValid"

Browse Source
This commit is contained in:
Treehugger Robot
2021-09-21 05:32:28 +00:00
committed by Gerrit Code Review
parent 5ecd476e5a 2a9a00e385
commit bd7df07b2a
1 changed files with 12 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
View File

@@ -77,12 +77,18 @@ bool KeyCharacteristicsBasicallyValid(SecurityLevel secLevel,
std::unordered_set<SecurityLevel> levels_seen; std::unordered_set<SecurityLevel> levels_seen;
for (auto& entry : key_characteristics) { for (auto& entry : key_characteristics) {
if (entry.authorizations.empty()) return false; if (entry.authorizations.empty()) {
GTEST_LOG_(ERROR) << "empty authorizations for " << entry.securityLevel;
return false;
}
// Just ignore the SecurityLevel::KEYSTORE as the KM won't do any enforcement on this. // Just ignore the SecurityLevel::KEYSTORE as the KM won't do any enforcement on this.
if (entry.securityLevel == SecurityLevel::KEYSTORE) continue; if (entry.securityLevel == SecurityLevel::KEYSTORE) continue;
if (levels_seen.find(entry.securityLevel) != levels_seen.end()) return false; if (levels_seen.find(entry.securityLevel) != levels_seen.end()) {
GTEST_LOG_(ERROR) << "duplicate authorizations for " << entry.securityLevel;
return false;
}
levels_seen.insert(entry.securityLevel); levels_seen.insert(entry.securityLevel);
// Generally, we should only have one entry, at the same security level as the KM // Generally, we should only have one entry, at the same security level as the KM
@@ -92,7 +98,10 @@ bool KeyCharacteristicsBasicallyValid(SecurityLevel secLevel,
(secLevel == SecurityLevel::STRONGBOX && (secLevel == SecurityLevel::STRONGBOX &&
entry.securityLevel == SecurityLevel::TRUSTED_ENVIRONMENT); entry.securityLevel == SecurityLevel::TRUSTED_ENVIRONMENT);
if (!isExpectedSecurityLevel) return false; if (!isExpectedSecurityLevel) {
GTEST_LOG_(ERROR) << "Unexpected security level " << entry.securityLevel;
return false;
}
} }
return true; return true;
} }