Gitiles
Code Review Sign In
review.blissroms.org / platform_hardware_interfaces / 58ce93480b1731b01d8a732179a7c7cf2970e97d^! / .
commit58ce93480b1731b01d8a732179a7c7cf2970e97d[log] [tgz]
authorShawn Willden <swillden@google.com>Mon Apr 24 08:27:12 2017 -0600
committerShawn Willden <swillden@google.com>Thu Apr 27 13:58:36 2017 +0000
tree60f2678d2c25b38979c30f3b8588efa501d73cc3
parentfa67c8fc1d2c50ea9d4e04492d06f992ea65d2b6 [diff]
Add missing application ID tag to AES/HMAC attestation calls

Test: Manually verified by running VTS
Change-Id: Iaba04736e3ccc43a662407a6c18416f20d0ee4ea

diff --git a/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp b/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp
index 3448398..fcd4dec 100644
--- a/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp
+++ b/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp

@@ -3932,17 +3932,21 @@
  * Verifies that attesting to AES keys fails in the expected way.
  */
 TEST_F(AttestationTest, AesAttestation) {
-    ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
-                                             .Authorization(TAG_NO_AUTH_REQUIRED)
-                                             .AesEncryptionKey(128)
-                                             .EcbMode()
-                                             .Padding(PaddingMode::PKCS7)));
+    ASSERT_EQ(ErrorCode::OK,
+              GenerateKey(AuthorizationSetBuilder()
+                              .Authorization(TAG_NO_AUTH_REQUIRED)
+                              .AesEncryptionKey(128)
+                              .EcbMode()
+                              .Padding(PaddingMode::PKCS7)));
 
     hidl_vec<hidl_vec<uint8_t>> cert_chain;
-    EXPECT_EQ(ErrorCode::INCOMPATIBLE_ALGORITHM,
-              AttestKey(AuthorizationSetBuilder().Authorization(TAG_ATTESTATION_CHALLENGE,
-                                                                HidlBuf("challenge")),
-                        &cert_chain));
+    EXPECT_EQ(
+        ErrorCode::INCOMPATIBLE_ALGORITHM,
+        AttestKey(
+            AuthorizationSetBuilder()
+                .Authorization(TAG_ATTESTATION_CHALLENGE, HidlBuf("challenge"))
+                .Authorization(TAG_ATTESTATION_APPLICATION_ID, HidlBuf("foo")),
+            &cert_chain));
 }
 
 /*
@@ -3951,18 +3955,22 @@
  * Verifies that attesting to HMAC keys fails in the expected way.
  */
 TEST_F(AttestationTest, HmacAttestation) {
-    ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
-                                             .Authorization(TAG_NO_AUTH_REQUIRED)
-                                             .HmacKey(128)
-                                             .EcbMode()
-                                             .Digest(Digest::SHA_2_256)
-                                             .Authorization(TAG_MIN_MAC_LENGTH, 128)));
+    ASSERT_EQ(ErrorCode::OK,
+              GenerateKey(AuthorizationSetBuilder()
+                              .Authorization(TAG_NO_AUTH_REQUIRED)
+                              .HmacKey(128)
+                              .EcbMode()
+                              .Digest(Digest::SHA_2_256)
+                              .Authorization(TAG_MIN_MAC_LENGTH, 128)));
 
     hidl_vec<hidl_vec<uint8_t>> cert_chain;
-    EXPECT_EQ(ErrorCode::INCOMPATIBLE_ALGORITHM,
-              AttestKey(AuthorizationSetBuilder().Authorization(TAG_ATTESTATION_CHALLENGE,
-                                                                HidlBuf("challenge")),
-                        &cert_chain));
+    EXPECT_EQ(
+        ErrorCode::INCOMPATIBLE_ALGORITHM,
+        AttestKey(
+            AuthorizationSetBuilder()
+                .Authorization(TAG_ATTESTATION_CHALLENGE, HidlBuf("challenge"))
+                .Authorization(TAG_ATTESTATION_APPLICATION_ID, HidlBuf("foo")),
+            &cert_chain));
 }
 
 typedef KeymasterHidlTest KeyDeletionTest;