Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8351f33b authored by David Drysdale's avatar David Drysdale Committed by Yinchu Chen
Browse files

KeyMint: use a smaller invalid IMEI value 

The invalid value used for the second IMEI attestation test is
potentially wrong in two ways:
- It doesn't match the provisioned value.
- It's not a valid IMEI, not least because it is longer than 16 bytes.

Make the test value shorter so the second failure doesn't apply and
the test can reliably expect CANNOT_ATTEST_IDS.

Bug: 292959871
Bug: 327123694
Test: VtsAidlKeyMintTargetTest
Change-Id: If8c6b9e08b48e6caf5c767578e1ac43964214619
(cherry picked from commit 0215cb3d)
parent 653221fa

security/keymint/aidl/vts/functional/AttestKeyTest.cpp

+3 −1
Original line number Diff line number Diff line
@@ -939,7 +939,9 @@ TEST_P(AttestKeyTest, EcdsaAttestationMismatchID) { 
                    .Authorization(TAG_ATTESTATION_ID_MODEL, "malicious-model");



    if (isSecondImeiIdAttestationRequired()) {

        attestation_id_tags.Authorization(TAG_ATTESTATION_ID_SECOND_IMEI, "invalid-second-imei");

        // Note: the invalid value here is < 16 bytes long to avoid triggering any implementation

        // checks on valid IMEI lengths.

        attestation_id_tags.Authorization(TAG_ATTESTATION_ID_SECOND_IMEI, "invalid-imei2");

    }

    vector<uint8_t> key_blob;

    vector<KeyCharacteristics> key_characteristics;