Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 44dc86ed authored by Shawn Willden's avatar Shawn Willden
Browse files

Fix bug in VTS attestation cert verification. 

Keymaster VTS is failing to verify that the last certificate in the
chain is self-signed.  CTS and GTS tests verify this, but it should be
validated at this level as well.

Bug: 79123157
Test: VtsHalKeymasterV3_0TargetTest
Change-Id: I5ff33fc8186182c2cf8d43d90cd59f89ce45d416
parent 515324a7

keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp

+1 −1
Original line number Diff line number Diff line
@@ -294,7 +294,7 @@ X509* parse_cert_blob(const hidl_vec<uint8_t>& blob) { 
}



bool verify_chain(const hidl_vec<hidl_vec<uint8_t>>& chain) {

    for (size_t i = 0; i < chain.size() - 1; ++i) {

    for (size_t i = 0; i < chain.size(); ++i) {

        X509_Ptr key_cert(parse_cert_blob(chain[i]));

        X509_Ptr signing_cert;

        if (i < chain.size() - 1) {