
Commit 801c76b1 authored by Eran Messeri's avatar Eran Messeri Committed by Gerrit Code Review

Merge "Enable EcdsaAttestationIdTags VTS for GSI" into main

parents 65747f7c 24f75791
+0 −24
@@ -88,30 +88,6 @@ string get_imei(int slot) {

    return imei;
}

// Use `ro.product.<property>_for_attestation` property for attestation if it is present else
// fallback to use `ro.product.vendor.<property>` if it is present else fallback to
// `ro.product.<property>`. Similar logic can be seen in Java method `getVendorDeviceIdProperty`
// in frameworks/base/core/java/android/os/Build.java.
template <Tag tag>
void add_attestation_id(AuthorizationSetBuilder* attestation_id_tags,
                        TypedTag<TagType::BYTES, tag> tag_type, const char* prop) {
    ::android::String8 prop_name =
            ::android::String8::format("ro.product.%s_for_attestation", prop);
    std::string prop_value = ::android::base::GetProperty(prop_name.c_str(), /* default= */ "");
    if (!prop_value.empty()) {
        add_tag_from_prop(attestation_id_tags, tag_type, prop_name.c_str());
    } else {
        prop_name = ::android::String8::format("ro.product.vendor.%s", prop);
        prop_value = ::android::base::GetProperty(prop_name.c_str(), /* default= */ "");
        if (!prop_value.empty()) {
            add_tag_from_prop(attestation_id_tags, tag_type, prop_name.c_str());
        } else {
            prop_name = ::android::String8::format("ro.product.%s", prop);
            add_tag_from_prop(attestation_id_tags, tag_type, prop_name.c_str());
        }
    }
}
}  // namespace

class AttestKeyTest : public KeyMintAidlTestBase {
+23 −0
@@ -454,6 +454,29 @@ ErrorCode GetReturnErrorCode(const Status& result);
                             ::android::PrintInstanceNameToString);                  \
    GTEST_ALLOW_UNINSTANTIATED_PARAMETERIZED_TEST(name);

// Use `ro.product.<property>_for_attestation` property for attestation if it is present else
// fallback to use `ro.product.vendor.<property>` if it is present else fallback to
// `ro.product.<property>`. Similar logic can be seen in Java method `getVendorDeviceIdProperty`
// in frameworks/base/core/java/android/os/Build.java.
template <Tag tag>
void add_attestation_id(AuthorizationSetBuilder* attestation_id_tags,
                        TypedTag<TagType::BYTES, tag> tag_type, const char* prop) {
    ::android::String8 prop_name =
            ::android::String8::format("ro.product.%s_for_attestation", prop);
    std::string prop_value = ::android::base::GetProperty(prop_name.c_str(), /* default= */ "");
    if (!prop_value.empty()) {
        add_tag_from_prop(attestation_id_tags, tag_type, prop_name.c_str());
    } else {
        prop_name = ::android::String8::format("ro.product.vendor.%s", prop);
        prop_value = ::android::base::GetProperty(prop_name.c_str(), /* default= */ "");
        if (!prop_value.empty()) {
            add_tag_from_prop(attestation_id_tags, tag_type, prop_name.c_str());
        } else {
            prop_name = ::android::String8::format("ro.product.%s", prop);
            add_tag_from_prop(attestation_id_tags, tag_type, prop_name.c_str());
        }
    }
}
}  // namespace test

}  // namespace aidl::android::hardware::security::keymint
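Review bot: The last `else` branch of `add_attestation_id` calls `add_tag_from_prop` on `ro.product.<prop>` without checking that the property is set, so what the test sends when all three properties are empty depends on `add_tag_from_prop`, whose body is not in this hunk. The header comment should state that case, for example `// If none of the three is set, the tag is whatever add_tag_from_prop yields for an unset ro.product.<property>.` Each selected property is also read once by `GetProperty` for the emptiness check and presumably again inside `add_tag_from_prop`. Iterating over the three name formats in order and stopping at the first non-empty value would make the precedence easier to audit against `getVendorDeviceIdProperty`. Now that the template lives in a shared header, it also depends on that header pulling in the String8 and android-base properties declarations, which the hunk does not show.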
+5 −36
@@ -2082,11 +2082,6 @@ TEST_P(NewKeyGenerationTest, EcdsaAttestationTags) {
 * attestation extension.
 */
TEST_P(NewKeyGenerationTest, EcdsaAttestationIdTags) {
    if (is_gsi_image()) {
        // GSI sets up a standard set of device identifiers that may not match
        // the device identifiers held by the device.
        GTEST_SKIP() << "Test not applicable under GSI";
    }
    auto challenge = "hello";
    auto app_id = "foo";
    auto subject = "cert subj 2";
@@ -2106,38 +2101,12 @@ TEST_P(NewKeyGenerationTest, EcdsaAttestationIdTags) {

    // Various ATTESTATION_ID_* tags that map to fields in the attestation extension ASN.1 schema.
    auto extra_tags = AuthorizationSetBuilder();
    // Use ro.product.brand_for_attestation property for attestation if it is present else fallback
    // to ro.product.brand
    std::string prop_value =
            ::android::base::GetProperty("ro.product.brand_for_attestation", /* default= */ "");
    if (!prop_value.empty()) {
        add_tag_from_prop(&extra_tags, TAG_ATTESTATION_ID_BRAND,
                          "ro.product.brand_for_attestation");
    } else {
        add_tag_from_prop(&extra_tags, TAG_ATTESTATION_ID_BRAND, "ro.product.brand");
    }
    add_tag_from_prop(&extra_tags, TAG_ATTESTATION_ID_DEVICE, "ro.product.device");
    // Use ro.product.name_for_attestation property for attestation if it is present else fallback
    // to ro.product.name
    prop_value = ::android::base::GetProperty("ro.product.name_for_attestation", /* default= */ "");
    if (!prop_value.empty()) {
        add_tag_from_prop(&extra_tags, TAG_ATTESTATION_ID_PRODUCT,
                          "ro.product.name_for_attestation");
    } else {
        add_tag_from_prop(&extra_tags, TAG_ATTESTATION_ID_PRODUCT, "ro.product.name");
    }
    add_attestation_id(&extra_tags, TAG_ATTESTATION_ID_BRAND, "brand");
    add_attestation_id(&extra_tags, TAG_ATTESTATION_ID_DEVICE, "device");
    add_attestation_id(&extra_tags, TAG_ATTESTATION_ID_PRODUCT, "name");
    add_attestation_id(&extra_tags, TAG_ATTESTATION_ID_MANUFACTURER, "manufacturer");
    add_attestation_id(&extra_tags, TAG_ATTESTATION_ID_MODEL, "model");
    add_tag_from_prop(&extra_tags, TAG_ATTESTATION_ID_SERIAL, "ro.serialno");
    add_tag_from_prop(&extra_tags, TAG_ATTESTATION_ID_MANUFACTURER, "ro.product.manufacturer");
    // Use ro.product.model_for_attestation property for attestation if it is present else fallback
    // to ro.product.model
    prop_value =
            ::android::base::GetProperty("ro.product.model_for_attestation", /* default= */ "");
    if (!prop_value.empty()) {
        add_tag_from_prop(&extra_tags, TAG_ATTESTATION_ID_MODEL,
                          "ro.product.model_for_attestation");
    } else {
        add_tag_from_prop(&extra_tags, TAG_ATTESTATION_ID_MODEL, "ro.product.model");
    }

    for (const KeyParameter& tag : extra_tags) {
        SCOPED_TRACE(testing::Message() << "tag-" << tag);
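Review bot: The GSI skip is dropped from `EcdsaAttestationIdTags` with no replacement comment, so the test no longer states why the attestation ID comparison is expected to hold under GSI. The removed text said GSI's device identifiers may not match those held by the device. The new `add_attestation_id` calls presumably address that through the `ro.product.vendor.*` fallback, which is worth recording above them, e.g. `// Resolve IDs via add_attestation_id() so vendor-partition values are used when ro.product.* comes from a GSI system image.` `TAG_ATTESTATION_ID_SERIAL` still reads `ro.serialno` directly with no fallback, and a short comment saying that is intentional would help. The test body starts and ends outside the hunks shown.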