Evolution-x/hardware_interfaces
1
0
Fork 0
mirror of https://github.com/Evolution-X/hardware_interfaces synced 2026-02-01 11:36:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge "Do not require StrongBox to implement RKP"

Browse Source
This commit is contained in:
Seth Moore
2023-03-24 20:54:09 +00:00
committed by Gerrit Code Review
parent 2154b45320 5a0320fbda
commit fc746fb1aa
1 changed files with 19 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
security/keymint/aidl/vts/functional/KeyMintTest.cpp
View File

@@ -590,8 +590,7 @@ string device_suffix(const string& name) {
return name.substr(pos + 1);
}
bool matching_rp_instance(const string& km_name,
std::shared_ptr<IRemotelyProvisionedComponent>* rp) {
std::shared_ptr<IRemotelyProvisionedComponent> matching_rp_instance(const std::string& km_name) {
string km_suffix = device_suffix(km_name);
vector<string> rp_names =
@@ -601,11 +600,10 @@ bool matching_rp_instance(const string& km_name,
// KeyMint instance, assume they match.
if (device_suffix(rp_name) == km_suffix && AServiceManager_isDeclared(rp_name.c_str())) {
::ndk::SpAIBinder binder(AServiceManager_waitForService(rp_name.c_str()));
*rp = IRemotelyProvisionedComponent::fromBinder(binder);
return true;
return IRemotelyProvisionedComponent::fromBinder(binder);
}
}
return false;
return nullptr;
}
} // namespace
@@ -1140,11 +1138,14 @@ TEST_P(NewKeyGenerationTest, RsaWithRkpAttestation) {
GTEST_SKIP() << "RKP support is not required on this platform";
}
// There should be an IRemotelyProvisionedComponent instance associated with the KeyMint
// instance.
std::shared_ptr<IRemotelyProvisionedComponent> rp;
ASSERT_TRUE(matching_rp_instance(GetParam(), &rp))
<< "No IRemotelyProvisionedComponent found that matches KeyMint device " << GetParam();
// Check for an IRemotelyProvisionedComponent instance associated with the
// KeyMint instance.
std::shared_ptr<IRemotelyProvisionedComponent> rp = matching_rp_instance(GetParam());
if (rp == nullptr && SecLevel() == SecurityLevel::STRONGBOX) {
GTEST_SKIP() << "Encountered StrongBox implementation that does not support RKP";
}
ASSERT_NE(rp, nullptr) << "No IRemotelyProvisionedComponent found that matches KeyMint device "
<< GetParam();
// Generate a P-256 keypair to use as an attestation key.
MacedPublicKey macedPubKey;
@@ -1218,11 +1219,14 @@ TEST_P(NewKeyGenerationTest, EcdsaWithRkpAttestation) {
GTEST_SKIP() << "RKP support is not required on this platform";
}
// There should be an IRemotelyProvisionedComponent instance associated with the KeyMint
// instance.
std::shared_ptr<IRemotelyProvisionedComponent> rp;
ASSERT_TRUE(matching_rp_instance(GetParam(), &rp))
<< "No IRemotelyProvisionedComponent found that matches KeyMint device " << GetParam();
// Check for an IRemotelyProvisionedComponent instance associated with the
// KeyMint instance.
std::shared_ptr<IRemotelyProvisionedComponent> rp = matching_rp_instance(GetParam());
if (rp == nullptr && SecLevel() == SecurityLevel::STRONGBOX) {
GTEST_SKIP() << "Encountered StrongBox implementation that does not support RKP";
}
ASSERT_NE(rp, nullptr) << "No IRemotelyProvisionedComponent found that matches KeyMint device "
<< GetParam();
// Generate a P-256 keypair to use as an attestation key.
MacedPublicKey macedPubKey;