Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 3c2da9d2 authored by Max Bires's avatar Max Bires
Browse files

AesInvalidKeySize skip 192 on SB devices 

This change alters the AesInvalidKeySize test to only enforce
against StrongBox instances on devices that launch on S or later,
not previously launched devices.

Ignore-AOSP-First: Cherrypick from AOSP
Bug: 191736606
Test: Test passes on a StrongBox enabled device
Change-Id: Ic0ff19d2d19d6e18dfbc0fad4b8182264f36b2f6
Merged-In: Ic0ff19d2d19d6e18dfbc0fad4b8182264f36b2f6
parent dee204e1

keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp

+6 −0
Original line number Diff line number Diff line
@@ -940,7 +940,13 @@ TEST_P(NewKeyGenerationTest, HmacDigestNone) { 
 * UNSUPPORTED_KEY_SIZE.

 */

TEST_P(NewKeyGenerationTest, AesInvalidKeySize) {

    int32_t firstApiLevel = property_get_int32("ro.board.first_api_level", 0);

    for (auto key_size : InvalidKeySizes(Algorithm::AES)) {

        // The HAL specification was only clarified to exclude AES-192 for StrongBox in Android S,

        // so allow devices that launched on earlier implementations to skip this check.

        if (key_size == 192 && SecLevel() == SecurityLevel::STRONGBOX && firstApiLevel < 31) {

            continue;

        }

        ASSERT_EQ(ErrorCode::UNSUPPORTED_KEY_SIZE,

                  GenerateKey(AuthorizationSetBuilder()

                                      .Authorization(TAG_NO_AUTH_REQUIRED)