diff --git a/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp b/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp index fcd4dece77..784f9b80c6 100644 --- a/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp +++ b/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp @@ -374,7 +374,7 @@ class KeymasterHidlTest : public ::testing::VtsHalHidlTargetTestBase { public: void TearDown() override { if (key_blob_.size()) { - EXPECT_EQ(ErrorCode::OK, DeleteKey()); + CheckedDeleteKey(); } AbortIfNeeded(); } @@ -505,6 +505,13 @@ class KeymasterHidlTest : public ::testing::VtsHalHidlTargetTestBase { return error; } + void CheckedDeleteKey(HidlBuf* key_blob, bool keep_key_blob = false) { + auto rc = DeleteKey(key_blob, keep_key_blob); + EXPECT_TRUE(rc == ErrorCode::OK || rc == ErrorCode::UNIMPLEMENTED); + } + + void CheckedDeleteKey() { CheckedDeleteKey(&key_blob_); } + ErrorCode GetCharacteristics(const HidlBuf& key_blob, const HidlBuf& client_id, const HidlBuf& app_data, KeyCharacteristics* key_characteristics) { ErrorCode error; @@ -718,7 +725,7 @@ class KeymasterHidlTest : public ::testing::VtsHalHidlTargetTestBase { KeyFormat::RAW, key)); string signature = MacMessage(message, digest, expected_mac.size() * 8); EXPECT_EQ(expected_mac, signature) << "Test vector didn't match for digest " << (int)digest; - DeleteKey(); + CheckedDeleteKey(); } void CheckAesCtrTestVector(const string& key, const string& nonce, const string& message, @@ -1067,7 +1074,7 @@ TEST_F(NewKeyGenerationTest, Rsa) { EXPECT_TRUE(crypto_params.Contains(TAG_KEY_SIZE, key_size)); EXPECT_TRUE(crypto_params.Contains(TAG_RSA_PUBLIC_EXPONENT, 3)); - EXPECT_EQ(ErrorCode::OK, DeleteKey(&key_blob)); + CheckedDeleteKey(&key_blob); } } @@ -1112,7 +1119,7 @@ TEST_F(NewKeyGenerationTest, Ecdsa) { EXPECT_TRUE(crypto_params.Contains(TAG_ALGORITHM, Algorithm::EC)); EXPECT_TRUE(crypto_params.Contains(TAG_KEY_SIZE, key_size)); - EXPECT_EQ(ErrorCode::OK, DeleteKey(&key_blob)); + CheckedDeleteKey(&key_blob); } } @@ -1161,7 +1168,7 @@ TEST_F(NewKeyGenerationTest, EcdsaAllValidSizes) { EXPECT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder().EcdsaSigningKey(size).Digest(Digest::NONE))) << "Failed to generate size: " << size; - DeleteKey(); + CheckedDeleteKey(); } } @@ -1177,7 +1184,7 @@ TEST_F(NewKeyGenerationTest, EcdsaAllValidCurves) { ErrorCode::OK, GenerateKey(AuthorizationSetBuilder().EcdsaSigningKey(curve).Digest(Digest::SHA_2_512))) << "Failed to generate key on curve: " << curve; - DeleteKey(); + CheckedDeleteKey(); } } @@ -1227,7 +1234,7 @@ TEST_F(NewKeyGenerationTest, Hmac) { EXPECT_TRUE(softwareEnforced.Contains(TAG_KEY_SIZE, key_size)); } - EXPECT_EQ(ErrorCode::OK, DeleteKey(&key_blob)); + CheckedDeleteKey(&key_blob); } } @@ -1255,7 +1262,7 @@ TEST_F(NewKeyGenerationTest, HmacCheckKeySizes) { .HmacKey(key_size) .Digest(Digest::SHA_2_256) .Authorization(TAG_MIN_MAC_LENGTH, 256))); - DeleteKey(); + CheckedDeleteKey(); } } } @@ -1287,7 +1294,7 @@ TEST_F(NewKeyGenerationTest, HmacCheckMinMacLengths) { .HmacKey(128) .Digest(Digest::SHA_2_256) .Authorization(TAG_MIN_MAC_LENGTH, min_mac_length))); - DeleteKey(); + CheckedDeleteKey(); } } } @@ -1677,7 +1684,7 @@ TEST_F(SigningOperationsTest, EcdsaAllSizesAndHashes) { string message(1024, 'a'); if (digest == Digest::NONE) message.resize(key_size / 8); SignMessage(message, AuthorizationSetBuilder().Digest(digest)); - DeleteKey(); + CheckedDeleteKey(); } } } @@ -1698,7 +1705,7 @@ TEST_F(SigningOperationsTest, EcdsaAllCurves) { string message(1024, 'a'); SignMessage(message, AuthorizationSetBuilder().Digest(Digest::SHA_2_256)); - DeleteKey(); + CheckedDeleteKey(); } } @@ -1759,7 +1766,7 @@ TEST_F(SigningOperationsTest, HmacAllDigests) { string signature = MacMessage(message, digest, 160); EXPECT_EQ(160U / 8U, signature.size()) << "Failed to sign with HMAC key with digest " << digest; - DeleteKey(); + CheckedDeleteKey(); } } @@ -2146,7 +2153,8 @@ TEST_F(VerificationOperationsTest, EcdsaAllDigestsAndCurves) { << curve << ' ' << digest; } - ASSERT_EQ(ErrorCode::OK, DeleteKey()); + auto rc = DeleteKey(); + ASSERT_TRUE(rc == ErrorCode::OK || rc == ErrorCode::UNIMPLEMENTED); } } @@ -2192,8 +2200,8 @@ TEST_F(VerificationOperationsTest, HmacSigningKeyCannotVerify) { VerifyMessage(verification_key, message, signature, AuthorizationSetBuilder().Digest(Digest::SHA1)); - EXPECT_EQ(ErrorCode::OK, DeleteKey(&signing_key)); - EXPECT_EQ(ErrorCode::OK, DeleteKey(&verification_key)); + CheckedDeleteKey(&signing_key); + CheckedDeleteKey(&verification_key); } typedef KeymasterHidlTest ExportKeyTest; @@ -3441,14 +3449,14 @@ TEST_F(EncryptionOperationsTest, AesGcmCorruptKey) { string key = make_string(key_bytes); ASSERT_EQ(ErrorCode::OK, ImportKey(import_params, KeyFormat::RAW, key)); string plaintext = DecryptMessage(ciphertext, params); - EXPECT_EQ(ErrorCode::OK, DeleteKey()); + CheckedDeleteKey(); // Corrupt key and attempt to decrypt key[0] = 0; ASSERT_EQ(ErrorCode::OK, ImportKey(import_params, KeyFormat::RAW, key)); EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::DECRYPT, params)); EXPECT_EQ(ErrorCode::VERIFICATION_FAILED, Finish(ciphertext, &plaintext)); - EXPECT_EQ(ErrorCode::OK, DeleteKey()); + CheckedDeleteKey(); } /*