KeyMint VTS: catch empty cert chains

Explicitly detect empty cert chains returned by GenerateKey rather than crashing when trying to dereference the first entry. Bug: 195605180 Test: VtsAidlKeyMintTargetTest Merged-In: Idad2703b458952ff599c6ccdd04a941aef7aedde Change-Id: Idad2703b458952ff599c6ccdd04a941aef7aedde Ignore-AOSP-First: already merged in aosp/master
author: David Drysdale <drysdale@google.com> 2021-08-05 07:50:23 +0100
committer: David Drysdale <drysdale@google.com> 2021-08-11 16:33:13 +0100
commit: 1cc416882f2b200636c1e6bb87b09f00623f8762 (patch)
tree: 5ed8c86c913d009050daa89d5fb07cef59b1c014 /security/keymint/aidl/vts/functional/AttestKeyTest.cpp
parent: b2239ad43fdc74e846414e61428be163c9a9804c (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
index a3127237a..26ed34427 100644
--- a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
+++ b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
@@ -312,6 +312,7 @@ TEST_P(AttestKeyTest, RsaAttestKeyChaining) {
 
         AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
         AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
+        ASSERT_GT(cert_chain_list[i].size(), 0);
         EXPECT_TRUE(verify_attestation_record("foo", "bar", sw_enforced, hw_enforced, SecLevel(),
                                               cert_chain_list[i][0].encodedCertificate));
 
@@ -383,6 +384,7 @@ TEST_P(AttestKeyTest, EcAttestKeyChaining) {
 
         AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
         AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
+        ASSERT_GT(cert_chain_list[i].size(), 0);
         EXPECT_TRUE(verify_attestation_record("foo", "bar", sw_enforced, hw_enforced, SecLevel(),
                                               cert_chain_list[i][0].encodedCertificate));
 
@@ -471,6 +473,7 @@ TEST_P(AttestKeyTest, AlternateAttestKeyChaining) {
 
         AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
         AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
+        ASSERT_GT(cert_chain_list[i].size(), 0);
         EXPECT_TRUE(verify_attestation_record("foo", "bar", sw_enforced, hw_enforced, SecLevel(),
                                               cert_chain_list[i][0].encodedCertificate));
author	David Drysdale <drysdale@google.com>	2021-08-05 07:50:23 +0100
committer	David Drysdale <drysdale@google.com>	2021-08-11 16:33:13 +0100
commit	1cc416882f2b200636c1e6bb87b09f00623f8762 (patch)
tree	5ed8c86c913d009050daa89d5fb07cef59b1c014 /security/keymint/aidl/vts/functional/AttestKeyTest.cpp
parent	b2239ad43fdc74e846414e61428be163c9a9804c (diff)