Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a7bf38be authored by Eran Messeri's avatar Eran Messeri Committed by Automerger Merge Worker
Browse files

Merge "Extending `AttestKeyTest#EcdsaAttestationID` test to use IMEI as... 

Merge "Extending `AttestKeyTest#EcdsaAttestationID` test to use IMEI as attestation id." am: 506089a8 am: 53124013

Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2357762



Change-Id: I82af09f2961437dbb8cef7970151f9082f9b95c7
Signed-off-by: default avatarAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
parents f34a871a 53124013

security/keymint/aidl/vts/functional/Android.bp

+1 −0
Original line number Diff line number Diff line
@@ -34,6 +34,7 @@ cc_defaults { 
        "libbinder",

        "libbinder_ndk",

        "libcrypto",

        "libbase",

        "packagemanager_aidl-cpp",

    ],

    static_libs: [

security/keymint/aidl/vts/functional/AttestKeyTest.cpp

+56 −0
Original line number Diff line number Diff line
@@ -15,6 +15,8 @@ 
 */



#define LOG_TAG "keymint_1_attest_key_test"

#include <android-base/logging.h>

#include <android-base/strings.h>

#include <cutils/log.h>

#include <cutils/properties.h>
@@ -26,12 +28,61 @@ 
namespace aidl::android::hardware::security::keymint::test {



namespace {

string TELEPHONY_CMD_GET_IMEI = "cmd phone get-imei ";



bool IsSelfSigned(const vector<Certificate>& chain) {

    if (chain.size() != 1) return false;

    return ChainSignaturesAreValid(chain);

}



/*

 * Run a shell command and collect the output of it. If any error, set an empty string as the

 * output.

 */

string exec_command(string command) {

    char buffer[128];

    string result = "";



    FILE* pipe = popen(command.c_str(), "r");

    if (!pipe) {

        LOG(ERROR) << "popen failed.";

        return result;

    }



    // read till end of process:

    while (!feof(pipe)) {

        if (fgets(buffer, 128, pipe) != NULL) {

            result += buffer;

        }

    }



    pclose(pipe);

    return result;

}



/*

 * Get IMEI using Telephony service shell command. If any error while executing the command

 * then empty string will be returned as output.

 */

string get_imei(int slot) {

    string cmd = TELEPHONY_CMD_GET_IMEI + std::to_string(slot);

    string output = exec_command(cmd);



    if (output.empty()) {

        LOG(ERROR) << "Command failed. Cmd: " << cmd;

        return "";

    }



    vector<string> out = ::android::base::Tokenize(::android::base::Trim(output), "Device IMEI:");



    if (out.size() != 1) {

        LOG(ERROR) << "Error in parsing the command output. Cmd: " << cmd;

        return "";

    }



    return ::android::base::Trim(out[0]);

}



}  // namespace



class AttestKeyTest : public KeyMintAidlTestBase {
@@ -803,6 +854,11 @@ TEST_P(AttestKeyTest, EcdsaAttestationID) { 
                      "ro.product.manufacturer");

    add_tag_from_prop(&attestation_id_tags, TAG_ATTESTATION_ID_MODEL, "ro.product.model");



    string imei = get_imei(0);

    if (!imei.empty()) {

        attestation_id_tags.Authorization(TAG_ATTESTATION_ID_IMEI, imei.data(), imei.size());

    }



    for (const KeyParameter& tag : attestation_id_tags) {

        SCOPED_TRACE(testing::Message() << "+tag-" << tag);

        // Use attestation key to sign an ECDSA key, but include an attestation ID field.