tequilaOS/platform_hardware_interfaces
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge changes I487000cc,I9310a851 am: a15f40bd0c am: 63f4ac766b

Browse source 
Change-Id: I4b0546eb8e690fd43e010abe6329fdbe39d7e7b8
This commit is contained in:
Automerger Merge Worker 2020-02-12 01:10:14 +00:00
commit 14e55cd2a3
6 changed files with 101 additions and 112 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

70
keymaster/4.0/vts/functional/HmacKeySharingTest.cpp
View file

@ -28,6 +28,16 @@ namespace test {
*/
class HmacKeySharingTest : public KeymasterHidlTest {
protected:
const std::vector<sp<IKeymasterDevice>>& allKeymasters() {
if (all_keymasters_.empty()) {
auto names = android::hardware::getAllHalInstanceNames(IKeymasterDevice::descriptor);
for (const auto& name : names) {
all_keymasters_.push_back(IKeymasterDevice::getService(name));
}
}
return all_keymasters_;
}
struct GetParamsResult {
ErrorCode error;
HmacSharingParameters params;
@ -99,8 +109,13 @@ class HmacKeySharingTest : public KeymasterHidlTest {
EXPECT_EQ(expected, response.sharing_check) << "Sharing check values should match.";
}
}
private:
static std::vector<sp<IKeymasterDevice>> all_keymasters_;
};
std::vector<sp<IKeymasterDevice>> HmacKeySharingTest::all_keymasters_;
TEST_P(HmacKeySharingTest, GetParameters) {
auto result1 = getHmacSharingParameters(keymaster());
EXPECT_EQ(ErrorCode::OK, result1.error);
@ -115,26 +130,26 @@ TEST_P(HmacKeySharingTest, GetParameters) {
}
TEST_P(HmacKeySharingTest, ComputeSharedHmac) {
auto params = getHmacSharingParameters(all_keymasters());
ASSERT_EQ(all_keymasters().size(), params.size())
<< "One or more keymasters failed to provide parameters.";
auto params = getHmacSharingParameters(allKeymasters());
ASSERT_EQ(allKeymasters().size(), params.size())
<< "One or more keymasters failed to provide parameters.";
auto nonces = copyNonces(params);
EXPECT_EQ(all_keymasters().size(), nonces.size());
EXPECT_EQ(allKeymasters().size(), nonces.size());
std::sort(nonces.begin(), nonces.end());
std::unique(nonces.begin(), nonces.end());
EXPECT_EQ(all_keymasters().size(), nonces.size());
EXPECT_EQ(allKeymasters().size(), nonces.size());
auto responses = computeSharedHmac(all_keymasters(), params);
auto responses = computeSharedHmac(allKeymasters(), params);
ASSERT_GT(responses.size(), 0U);
verifyResponses(responses[0].sharing_check, responses);
// Do it a second time. Should get the same answers.
params = getHmacSharingParameters(all_keymasters());
ASSERT_EQ(all_keymasters().size(), params.size())
<< "One or more keymasters failed to provide parameters.";
params = getHmacSharingParameters(allKeymasters());
ASSERT_EQ(allKeymasters().size(), params.size())
<< "One or more keymasters failed to provide parameters.";
responses = computeSharedHmac(all_keymasters(), params);
responses = computeSharedHmac(allKeymasters(), params);
ASSERT_GT(responses.size(), 0U);
ASSERT_EQ(32U, responses[0].sharing_check.size());
verifyResponses(responses[0].sharing_check, responses);
@ -160,15 +175,16 @@ TEST_P(HmacKeySharingTest, ComputeSharedHmacCorruptNonce) {
// sync with respect to the HMAC key. Granted that VTS tests aren't run on in-use production
// devices, this still has the potential to cause confusion. To mitigate that, we always
// (barring crashes :-/) re-run the unmodified agreement process on our way out.
auto fixup_hmac = finally(
[&]() { computeSharedHmac(all_keymasters(), getHmacSharingParameters(all_keymasters())); });
auto fixup_hmac = finally([&]() {
computeSharedHmac(allKeymasters(), getHmacSharingParameters(allKeymasters()));
});
auto params = getHmacSharingParameters(all_keymasters());
ASSERT_EQ(all_keymasters().size(), params.size())
<< "One or more keymasters failed to provide parameters.";
auto params = getHmacSharingParameters(allKeymasters());
ASSERT_EQ(allKeymasters().size(), params.size())
<< "One or more keymasters failed to provide parameters.";
// All should be well in the normal case
auto responses = computeSharedHmac(all_keymasters(), params);
auto responses = computeSharedHmac(allKeymasters(), params);
ASSERT_GT(responses.size(), 0U);
HidlBuf correct_response = responses[0].sharing_check;
@ -181,7 +197,7 @@ TEST_P(HmacKeySharingTest, ComputeSharedHmacCorruptNonce) {
uint8_t bit_to_tweak = rand() % 8;
params[param_to_tweak].nonce[byte_to_tweak] ^= (1 << bit_to_tweak);
responses = computeSharedHmac(all_keymasters(), params);
responses = computeSharedHmac(allKeymasters(), params);
for (size_t i = 0; i < responses.size(); ++i) {
if (i == param_to_tweak) {
EXPECT_EQ(ErrorCode::INVALID_ARGUMENT, responses[i].error)
@ -199,15 +215,16 @@ TEST_P(HmacKeySharingTest, ComputeSharedHmacCorruptSeed) {
// sync with respect to the HMAC key. Granted that VTS tests aren't run on in-use production
// devices, this still has the potential to cause confusion. To mitigate that, we always
// (barring crashes :-/) re-run the unmodified agreement process on our way out.
auto fixup_hmac = finally(
[&]() { computeSharedHmac(all_keymasters(), getHmacSharingParameters(all_keymasters())); });
auto fixup_hmac = finally([&]() {
computeSharedHmac(allKeymasters(), getHmacSharingParameters(allKeymasters()));
});
auto params = getHmacSharingParameters(all_keymasters());
ASSERT_EQ(all_keymasters().size(), params.size())
<< "One or more keymasters failed to provide parameters.";
auto params = getHmacSharingParameters(allKeymasters());
ASSERT_EQ(allKeymasters().size(), params.size())
<< "One or more keymasters failed to provide parameters.";
// All should be well in the normal case
auto responses = computeSharedHmac(all_keymasters(), params);
auto responses = computeSharedHmac(allKeymasters(), params);
ASSERT_GT(responses.size(), 0U);
HidlBuf correct_response = responses[0].sharing_check;
@ -223,7 +240,7 @@ TEST_P(HmacKeySharingTest, ComputeSharedHmacCorruptSeed) {
}
to_tweak[0]++;
responses = computeSharedHmac(all_keymasters(), params);
responses = computeSharedHmac(allKeymasters(), params);
for (size_t i = 0; i < responses.size(); ++i) {
if (i == param_to_tweak) {
EXPECT_EQ(ErrorCode::INVALID_ARGUMENT, responses[i].error)
@ -236,10 +253,7 @@ TEST_P(HmacKeySharingTest, ComputeSharedHmacCorruptSeed) {
}
}
INSTANTIATE_TEST_SUITE_P(
PerInstance, HmacKeySharingTest,
testing::ValuesIn(android::hardware::getAllHalInstanceNames(IKeymasterDevice::descriptor)),
android::hardware::PrintInstanceNameToString);
INSTANTIATE_KEYMASTER_HIDL_TEST(HmacKeySharingTest);
} // namespace test
} // namespace V4_0

34
keymaster/4.0/vts/functional/KeymasterHidlTest.cpp
View file

@ -42,39 +42,27 @@ namespace V4_0 {
namespace test {
using namespace std::literals::chrono_literals;
void KeymasterHidlTest::InitializeKeymaster() {
service_name_ = GetParam();
keymaster_ = IKeymasterDevice::getService(service_name_);
keymaster_ = IKeymasterDevice::getService(GetParam());
ASSERT_NE(keymaster_, nullptr);
ASSERT_TRUE(keymaster_
->getHardwareInfo([&](SecurityLevel securityLevel, const hidl_string& name,
const hidl_string& author) {
securityLevel_ = securityLevel;
name_ = name;
author_ = author;
})
.isOk());
->getHardwareInfo([&](SecurityLevel securityLevel, const hidl_string& name,
const hidl_string& author) {
securityLevel_ = securityLevel;
name_ = name;
author_ = author;
})
.isOk());
}
void KeymasterHidlTest::SetUpTestCase() {
void KeymasterHidlTest::SetUp() {
InitializeKeymaster();
os_version_ = support::getOsVersion();
os_patch_level_ = support::getOsPatchlevel();
auto service_manager = android::hidl::manager::V1_0::IServiceManager::getService();
ASSERT_NE(nullptr, service_manager.get());
all_keymasters_.push_back(keymaster_);
service_manager->listByInterface(
IKeymasterDevice::descriptor, [&](const hidl_vec<hidl_string>& names) {
for (auto& name : names) {
if (name == service_name_) continue;
auto keymaster = IKeymasterDevice::getService(name);
ASSERT_NE(keymaster, nullptr);
all_keymasters_.push_back(keymaster);
}
});
}
ErrorCode KeymasterHidlTest::GenerateKey(const AuthorizationSet& key_desc, HidlBuf* key_blob,

37
keymaster/4.0/vts/functional/KeymasterHidlTest.h
View file

@ -18,8 +18,9 @@
#include <android/hardware/keymaster/4.0/IKeymasterDevice.h>
#include <android/hardware/keymaster/4.0/types.h>
#include <VtsHalHidlTargetTestBase.h>
#include <gtest/gtest.h>
#include <hidl/GtestPrinter.h>
#include <hidl/ServiceManagement.h>
#include <keymasterV4_0/authorization_set.h>
@ -33,13 +34,13 @@ namespace V4_0 {
namespace test {
using ::android::sp;
using ::std::string;
using hidl::base::V1_0::DebugInfo;
using ::std::string;
class HidlBuf : public hidl_vec<uint8_t> {
typedef hidl_vec<uint8_t> super;
public:
public:
HidlBuf() {}
HidlBuf(const super& other) : super(other) {}
HidlBuf(super&& other) : super(std::move(other)) {}
@ -68,20 +69,16 @@ constexpr uint64_t kOpHandleSentinel = 0xFFFFFFFFFFFFFFFF;
class KeymasterHidlTest : public ::testing::TestWithParam<std::string> {
public:
void SetUp();
void SetUp() override;
void TearDown() override {
if (key_blob_.size()) {
CheckedDeleteKey();
}
AbortIfNeeded();
keymaster_.clear();
all_keymasters_.clear();
}
void InitializeKeymaster();
IKeymasterDevice& keymaster() { return *keymaster_; }
const std::vector<sp<IKeymasterDevice>>& all_keymasters() { return all_keymasters_; }
uint32_t os_version() { return os_version_; }
uint32_t os_patch_level() { return os_patch_level_; }
@ -207,18 +204,22 @@ class KeymasterHidlTest : public ::testing::TestWithParam<std::string> {
KeyCharacteristics key_characteristics_;
OperationHandle op_handle_ = kOpHandleSentinel;
private:
sp<IKeymasterDevice> keymaster_;
std::vector<sp<IKeymasterDevice>> all_keymasters_;
uint32_t os_version_;
uint32_t os_patch_level_;
private:
sp<IKeymasterDevice> keymaster_;
uint32_t os_version_;
uint32_t os_patch_level_;
SecurityLevel securityLevel_;
hidl_string name_;
hidl_string author_;
string service_name_;
SecurityLevel securityLevel_;
hidl_string name_;
hidl_string author_;
};
#define INSTANTIATE_KEYMASTER_HIDL_TEST(name) \
INSTANTIATE_TEST_SUITE_P(PerInstance, name, \
testing::ValuesIn(android::hardware::getAllHalInstanceNames( \
IKeymasterDevice::descriptor)), \
android::hardware::PrintInstanceNameToString)
} // namespace test
} // namespace V4_0
} // namespace keymaster

5
keymaster/4.0/vts/functional/VerificationTokenTest.cpp
View file

@ -185,10 +185,7 @@ TEST_P(VerificationTokenTest, MacChangesOnChangingTimestamp) {
memcmp(result1.token.mac.data(), result2.token.mac.data(), result1.token.mac.size()));
}
INSTANTIATE_TEST_SUITE_P(
PerInstance, VerificationTokenTest,
testing::ValuesIn(android::hardware::getAllHalInstanceNames(IKeymasterDevice::descriptor)),
android::hardware::PrintInstanceNameToString);
INSTANTIATE_KEYMASTER_HIDL_TEST(VerificationTokenTest);
} // namespace test
} // namespace V4_0

65
keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
View file

@ -840,6 +840,8 @@ TEST_P(NewKeyGenerationTest, HmacDigestNone) {
.Authorization(TAG_MIN_MAC_LENGTH, 128)));
}
INSTANTIATE_KEYMASTER_HIDL_TEST(NewKeyGenerationTest);
typedef KeymasterHidlTest SigningOperationsTest;
/*
@ -1509,6 +1511,8 @@ TEST_P(SigningOperationsTest, HmacRfc4231TestCase5) {
}
}
INSTANTIATE_KEYMASTER_HIDL_TEST(SigningOperationsTest);
typedef KeymasterHidlTest VerificationOperationsTest;
/*
@ -1749,6 +1753,8 @@ TEST_P(VerificationOperationsTest, HmacSigningKeyCannotVerify) {
CheckedDeleteKey(&verification_key);
}
INSTANTIATE_KEYMASTER_HIDL_TEST(VerificationOperationsTest);
typedef KeymasterHidlTest ExportKeyTest;
/*
@ -1828,6 +1834,8 @@ TEST_P(ExportKeyTest, AesKeyUnexportable) {
EXPECT_EQ(ErrorCode::UNSUPPORTED_KEY_FORMAT, ExportKey(KeyFormat::RAW, &export_data));
}
INSTANTIATE_KEYMASTER_HIDL_TEST(ExportKeyTest);
class ImportKeyTest : public KeymasterHidlTest {
public:
template <TagType tag_type, Tag tag, typename ValueT>
@ -2093,6 +2101,8 @@ TEST_P(ImportKeyTest, HmacKeySuccess) {
VerifyMessage(message, signature, AuthorizationSetBuilder().Digest(Digest::SHA_2_256));
}
INSTANTIATE_KEYMASTER_HIDL_TEST(ImportKeyTest);
auto wrapped_key = hex2str(
"3082017902010004820100934bf94e2aa28a3f83c9f79297250262fbe3276b5a1c91159bbfa3ef8957aac84b59b30b"
"455a79c2973480823d8b3863c3deef4a8e243590268d80e18751a0e130f67ce6a1ace9f79b95e097474febc981195b"
@ -2214,6 +2224,8 @@ TEST_P(ImportWrappedKeyTest, WrongPurpose) {
.Padding(PaddingMode::RSA_OAEP)));
}
INSTANTIATE_KEYMASTER_HIDL_TEST(ImportWrappedKeyTest);
typedef KeymasterHidlTest EncryptionOperationsTest;
/*
@ -4111,6 +4123,8 @@ TEST_P(EncryptionOperationsTest, TripleDesCbcIncrementalNoPadding) {
EXPECT_EQ(message, plaintext);
}
INSTANTIATE_KEYMASTER_HIDL_TEST(EncryptionOperationsTest);
typedef KeymasterHidlTest MaxOperationsTest;
/*
@ -4166,6 +4180,8 @@ TEST_P(MaxOperationsTest, TestLimitRsa) {
EXPECT_EQ(ErrorCode::KEY_MAX_OPS_EXCEEDED, Begin(KeyPurpose::SIGN, params));
}
INSTANTIATE_KEYMASTER_HIDL_TEST(MaxOperationsTest);
typedef KeymasterHidlTest AddEntropyTest;
/*
@ -4196,6 +4212,8 @@ TEST_P(AddEntropyTest, AddLargeEntropy) {
EXPECT_EQ(ErrorCode::OK, keymaster().addRngEntropy(HidlBuf(string(2 * 1024, 'a'))));
}
INSTANTIATE_KEYMASTER_HIDL_TEST(AddEntropyTest);
typedef KeymasterHidlTest AttestationTest;
/*
@ -4373,6 +4391,8 @@ TEST_P(AttestationTest, HmacAttestation) {
&cert_chain));
}
INSTANTIATE_KEYMASTER_HIDL_TEST(AttestationTest);
typedef KeymasterHidlTest KeyDeletionTest;
/**
@ -4478,6 +4498,8 @@ TEST_P(KeyDeletionTest, DeleteAllKeys) {
}
}
INSTANTIATE_KEYMASTER_HIDL_TEST(KeyDeletionTest);
using UpgradeKeyTest = KeymasterHidlTest;
/*
@ -4497,6 +4519,8 @@ TEST_P(UpgradeKeyTest, UpgradeKey) {
EXPECT_EQ(result, std::make_pair(ErrorCode::OK, HidlBuf()));
}
INSTANTIATE_KEYMASTER_HIDL_TEST(UpgradeKeyTest);
using ClearOperationsTest = KeymasterHidlTest;
/*
@ -4572,6 +4596,8 @@ TEST_P(ClearOperationsTest, ServiceDeath) {
}
}
INSTANTIATE_KEYMASTER_HIDL_TEST(ClearOperationsTest);
typedef KeymasterHidlTest TransportLimitTest;
/*
@ -4624,44 +4650,7 @@ TEST_P(TransportLimitTest, LargeFinishInput) {
CheckedDeleteKey();
}
static const auto kKeymasterDeviceChoices =
testing::ValuesIn(android::hardware::getAllHalInstanceNames(IKeymasterDevice::descriptor));
INSTANTIATE_TEST_SUITE_P(PerInstance, NewKeyGenerationTest, kKeymasterDeviceChoices,
android::hardware::PrintInstanceNameToString);
INSTANTIATE_TEST_SUITE_P(PerInstance, ImportKeyTest, kKeymasterDeviceChoices,
android::hardware::PrintInstanceNameToString);
INSTANTIATE_TEST_SUITE_P(PerInstance, ImportWrappedKeyTest, kKeymasterDeviceChoices,
android::hardware::PrintInstanceNameToString);
INSTANTIATE_TEST_SUITE_P(PerInstance, SigningOperationsTest, kKeymasterDeviceChoices,
android::hardware::PrintInstanceNameToString);
INSTANTIATE_TEST_SUITE_P(PerInstance, VerificationOperationsTest, kKeymasterDeviceChoices,
android::hardware::PrintInstanceNameToString);
INSTANTIATE_TEST_SUITE_P(PerInstance, ExportKeyTest, kKeymasterDeviceChoices,
android::hardware::PrintInstanceNameToString);
INSTANTIATE_TEST_SUITE_P(PerInstance, EncryptionOperationsTest, kKeymasterDeviceChoices,
android::hardware::PrintInstanceNameToString);
INSTANTIATE_TEST_SUITE_P(PerInstance, MaxOperationsTest, kKeymasterDeviceChoices,
android::hardware::PrintInstanceNameToString);
INSTANTIATE_TEST_SUITE_P(PerInstance, AddEntropyTest, kKeymasterDeviceChoices,
android::hardware::PrintInstanceNameToString);
INSTANTIATE_TEST_SUITE_P(PerInstance, AttestationTest, kKeymasterDeviceChoices,
android::hardware::PrintInstanceNameToString);
INSTANTIATE_TEST_SUITE_P(PerInstance, KeyDeletionTest, kKeymasterDeviceChoices,
android::hardware::PrintInstanceNameToString);
INSTANTIATE_TEST_SUITE_P(PerInstance, TransportLimitTest, kKeymasterDeviceChoices,
android::hardware::PrintInstanceNameToString);
INSTANTIATE_KEYMASTER_HIDL_TEST(TransportLimitTest);
} // namespace test
} // namespace V4_0

2
keymaster/4.1/vts/functional/EarlyBootKeyTest.cpp
View file

@ -16,6 +16,6 @@
namespace android::hardware::keymaster::V4_1::test {
// TODO(swillden): Put tests here.
} // namespace android::hardware::keymaster::V4_1::test