Merge "Do not require StrongBox to implement RKP"

Seth Moore
2023-03-24 20:54:09 +00:00
committed by Gerrit Code Review


@@ -590,8 +590,7 @@ string device_suffix(const string& name) {
return name.substr(pos + 1); return name.substr(pos + 1);
} }
bool matching_rp_instance(const string& km_name, std::shared_ptr<IRemotelyProvisionedComponent> matching_rp_instance(const std::string& km_name) {
std::shared_ptr<IRemotelyProvisionedComponent>* rp) {
string km_suffix = device_suffix(km_name); string km_suffix = device_suffix(km_name);
vector<string> rp_names = vector<string> rp_names =
@@ -601,11 +600,10 @@ bool matching_rp_instance(const string& km_name,
// KeyMint instance, assume they match. // KeyMint instance, assume they match.
if (device_suffix(rp_name) == km_suffix && AServiceManager_isDeclared(rp_name.c_str())) { if (device_suffix(rp_name) == km_suffix && AServiceManager_isDeclared(rp_name.c_str())) {
::ndk::SpAIBinder binder(AServiceManager_waitForService(rp_name.c_str())); ::ndk::SpAIBinder binder(AServiceManager_waitForService(rp_name.c_str()));
*rp = IRemotelyProvisionedComponent::fromBinder(binder); return IRemotelyProvisionedComponent::fromBinder(binder);
return true;
} }
} }
return false; return nullptr;
} }
} // namespace } // namespace
@@ -1140,11 +1138,14 @@ TEST_P(NewKeyGenerationTest, RsaWithRkpAttestation) {
GTEST_SKIP() << "RKP support is not required on this platform"; GTEST_SKIP() << "RKP support is not required on this platform";
} }
// There should be an IRemotelyProvisionedComponent instance associated with the KeyMint // Check for an IRemotelyProvisionedComponent instance associated with the
// instance. // KeyMint instance.
std::shared_ptr<IRemotelyProvisionedComponent> rp; std::shared_ptr<IRemotelyProvisionedComponent> rp = matching_rp_instance(GetParam());
ASSERT_TRUE(matching_rp_instance(GetParam(), &rp)) if (rp == nullptr && SecLevel() == SecurityLevel::STRONGBOX) {
<< "No IRemotelyProvisionedComponent found that matches KeyMint device " << GetParam(); GTEST_SKIP() << "Encountered StrongBox implementation that does not support RKP";
}
ASSERT_NE(rp, nullptr) << "No IRemotelyProvisionedComponent found that matches KeyMint device "
<< GetParam();
// Generate a P-256 keypair to use as an attestation key. // Generate a P-256 keypair to use as an attestation key.
MacedPublicKey macedPubKey; MacedPublicKey macedPubKey;
@@ -1218,11 +1219,14 @@ TEST_P(NewKeyGenerationTest, EcdsaWithRkpAttestation) {
GTEST_SKIP() << "RKP support is not required on this platform"; GTEST_SKIP() << "RKP support is not required on this platform";
} }
// There should be an IRemotelyProvisionedComponent instance associated with the KeyMint // Check for an IRemotelyProvisionedComponent instance associated with the
// instance. // KeyMint instance.
std::shared_ptr<IRemotelyProvisionedComponent> rp; std::shared_ptr<IRemotelyProvisionedComponent> rp = matching_rp_instance(GetParam());
ASSERT_TRUE(matching_rp_instance(GetParam(), &rp)) if (rp == nullptr && SecLevel() == SecurityLevel::STRONGBOX) {
<< "No IRemotelyProvisionedComponent found that matches KeyMint device " << GetParam(); GTEST_SKIP() << "Encountered StrongBox implementation that does not support RKP";
}
ASSERT_NE(rp, nullptr) << "No IRemotelyProvisionedComponent found that matches KeyMint device "
<< GetParam();
// Generate a P-256 keypair to use as an attestation key. // Generate a P-256 keypair to use as an attestation key.
MacedPublicKey macedPubKey; MacedPublicKey macedPubKey;
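Review bot: In both `RsaWithRkpAttestation` and `EcdsaWithRkpAttestation`, the new `rp == nullptr && SecLevel() == SecurityLevel::STRONGBOX` skip cannot tell a StrongBox that declares no IRemotelyProvisionedComponent apart from one whose declared instance could not be obtained. `matching_rp_instance` now returns `nullptr` for "no match", and for a declared service it returns whatever `fromBinder(binder)` yields. If `fromBinder` can return null there (not visible on this page, so worth confirming), a broken StrongBox RKP service would be reported as skipped and its attestation path would go untested. Consider recording a failure in the helper for the declared case, e.g. `auto rp = IRemotelyProvisionedComponent::fromBinder(binder);`, `EXPECT_NE(rp, nullptr) << rp_name << " is declared but could not be obtained";`, `return rp;`, and adding a short comment above each skip saying that StrongBox is allowed to omit RKP. Both test bodies start and end outside their hunks.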