OSDN > Developer > pins_enock > Chamber > system-hardware-interfaces > Commit

system-hardware-interfaces
Fork

Fork origin: android-x86 / system-hardware-interfaces

R/O
HTTP
SSH
HTTPS

Commit

Commit MetaInfo

Revisão	b6e830f18ffcf5b17a70fdc5ff2b53967adfa376 (tree)
Hora	2019-01-30 04:17:43
Autor	Branden Archer <brarcher@goog...>
Commiter	Branden Archer

Mensagem de Log

Add VTS for Wifi Keystore HAL's getBlob()

This exercises paths through the Wifi Keystore HAL's getBlob()
method.

Test: atest system/hardware/interfaces/wifi/keystore/1.0/

vts/functional/VtsHalWifiKeystoreV1_0TargetTest.cpp

Change-Id: I93114c8de00049478b9bf57124d09b1f4f2ebdd6

Mudança Sumário

modified: wifi/keystore/1.0/vts/functional/VtsHalWifiKeystoreV1_0TargetTest.cpp (diff)

Diff

--- a/wifi/keystore/1.0/vts/functional/VtsHalWifiKeystoreV1_0TargetTest.cpp

+++ b/wifi/keystore/1.0/vts/functional/VtsHalWifiKeystoreV1_0TargetTest.cpp

		@@ -61,22 +61,33 @@ class WifiKeystoreHalTest : public Test {
61	61
62	62	EXPECT_NE(nullptr, service.get());
63	63
64		- deleteKey(kTestKeyName);
	64	+ resetState();
65	65	}
66	66
67		- void TearDown() override { deleteKey(kTestKeyName); }
	67	+ void TearDown() override { resetState(); }
	68	+
	69	+ /**
	70	+ * Resets the relevant state of the system between tests
	71	+ */
	72	+ void resetState() {
	73	+ for (uid_t uid : {UID_SELF, AID_WIFI}) {
	74	+ deleteKey(kTestKeyName, uid);
	75	+ }
	76	+ }
68	77
69	78	/**
70	79	* Delete a key if it exists.
71	80	*
72	81	* @param keyName: name of the key to delete
	82	+ * @param uid: the uid to delete the key on behalf of. Use
	83	+ * UID_SELF to use the process' uid.
73	84	*
74	85	* @return true iff the key existed and is now deleted, false otherwise.
75	86	*/
76		- bool deleteKey(std::string keyName) {
	87	+ bool deleteKey(std::string keyName, uid_t uid) {
77	88	String16 keyName16(keyName.data(), keyName.size());
78	89	int32_t result;
79		- auto binder_result = service->del(keyName16, -1 /* process' uid*/, &result);
	90	+ auto binder_result = service->del(keyName16, uid, &result);
80	91	if (!binder_result.isOk()) {
81	92	cout << "deleteKey: failed binder call" << endl;
82	93	return false;

		@@ -98,11 +109,13 @@ class WifiKeystoreHalTest : public Test {
98	109	*
99	110	* @param keyName: name of the key to generate
100	111	* @param purpose: the purpose the generated key will support
	112	+ * @param uid: the uid to generate the key on behalf of. Use
	113	+ * UID_SELF to use the process' uid.
101	114	*
102	115	* @return true iff the key was successfully generated and is
103	116	* ready for use, false otherwise.
104	117	*/
105		- bool generateKey(std::string keyName, KeyPurpose purpose) {
	118	+ bool generateKey(std::string keyName, KeyPurpose purpose, uid_t uid) {
106	119	constexpr uint32_t kAESKeySize = 256;
107	120
108	121	int32_t aidl_return;

		@@ -128,8 +141,8 @@ class WifiKeystoreHalTest : public Test {
128	141	fflush(stdout);
129	142	auto binder_result = service->generateKey(
130	143	promise, keyName16, KeymasterArguments(key_parameters.hidl_data()), entropy,
131		- -1, // create key for process' uid
132		- 0, // empty flags; pick default key provider
	144	+ uid, // create key for process' uid
	145	+ 0, // empty flags; pick default key provider
133	146	&aidl_return);
134	147
135	148	if (!binder_result.isOk()) {

		@@ -152,17 +165,19 @@ class WifiKeystoreHalTest : public Test {
152	165	* Creates a TYPE_GENERIC key blob. This cannot be used for signing.
153	166	*
154	167	* @param keyName: name of the key to generate.
	168	+ * @param uid: the uid to insert the key on behalf of. Use
	169	+ * UID_SELF to use the process' uid.
155	170	*
156	171	* @returns true iff the key was successfully created, false otherwise.
157	172	*/
158		- bool insert(std::string keyName) {
	173	+ bool insert(std::string keyName, uid_t uid) {
159	174	int32_t aidl_return;
160	175	vector<uint8_t> item;
161	176
162	177	String16 keyName16(keyName.data(), keyName.size());
163	178	auto binder_result = service->insert(keyName16, item,
164		- -1, // Use process' uid
165		- 0, // empty flags; pick default key provider
	179	+ uid, // Use process' uid
	180	+ 0, // empty flags; pick default key provider
166	181	&aidl_return);
167	182
168	183	if (!binder_result.isOk()) {

		@@ -181,6 +196,7 @@ class WifiKeystoreHalTest : public Test {
181	196
182	197	constexpr static const char kKeystoreServiceName[] = "android.security.keystore";
183	198	constexpr static const char kTestKeyName[] = "TestKeyName";
	199	+ constexpr static const int32_t UID_SELF = -1;
184	200
185	201	IKeystore* keystore = nullptr;
186	202	sp<IKeystoreService> service;

		@@ -208,7 +224,7 @@ TEST_F(WifiKeystoreHalTest, Sign) {
208	224	keystore->sign("", dataToSign, callback);
209	225	EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
210	226
211		- bool result = generateKey(kTestKeyName, KeyPurpose::SIGNING);
	227	+ bool result = generateKey(kTestKeyName, KeyPurpose::SIGNING, UID_SELF);
212	228	EXPECT_EQ(result, true);
213	229
214	230	// The data to sign is empty, and a failure is expected

		@@ -224,10 +240,10 @@ TEST_F(WifiKeystoreHalTest, Sign) {
224	240
225	241	// Create a key which cannot sign; any signing attempt should fail.
226	242
227		- result = deleteKey(kTestKeyName);
	243	+ result = deleteKey(kTestKeyName, UID_SELF);
228	244	EXPECT_EQ(result, true);
229	245
230		- result = generateKey(kTestKeyName, KeyPurpose::ENCRYPTION);
	246	+ result = generateKey(kTestKeyName, KeyPurpose::ENCRYPTION, UID_SELF);
231	247	EXPECT_EQ(result, true);
232	248
233	249	keystore->sign(kTestKeyName, dataToSign, callback);

		@@ -236,14 +252,64 @@ TEST_F(WifiKeystoreHalTest, Sign) {
236	252	// Generate a TYPE_GENERIC key instead of a TYPE_KEYMASTER_10 key.
237	253	// This also cannot be used to sign.
238	254
239		- result = deleteKey(kTestKeyName);
	255	+ result = deleteKey(kTestKeyName, UID_SELF);
240	256	EXPECT_EQ(result, true);
241	257
242		- result = insert(kTestKeyName);
	258	+ result = insert(kTestKeyName, UID_SELF);
243	259	EXPECT_EQ(result, true);
244	260
245	261	keystore->sign(kTestKeyName, dataToSign, callback);
246	262	EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
247	263	}
248	264
	265	+/**
	266	+ * Test for the Wifi Keystore HAL's getBlob() call.
	267	+ */
	268	+TEST_F(WifiKeystoreHalTest, GetBlob) {
	269	+ IKeystore::KeystoreStatusCode statusCode;
	270	+
	271	+ auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
	272	+ const ::android::hardware::hidl_vec<uint8_t>& /value/) {
	273	+ statusCode = status;
	274	+ return;
	275	+ };
	276	+
	277	+ // Attempting to get a blob on a non-existent key should fail.
	278	+
	279	+ statusCode = IKeystore::KeystoreStatusCode::SUCCESS;
	280	+ keystore->getBlob(nullptr, callback);
	281	+ EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
	282	+
	283	+ statusCode = IKeystore::KeystoreStatusCode::SUCCESS;
	284	+ keystore->getBlob("", callback);
	285	+ EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
	286	+
	287	+ statusCode = IKeystore::KeystoreStatusCode::SUCCESS;
	288	+ keystore->getBlob(kTestKeyName, callback);
	289	+ EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
	290	+
	291	+ // The HAL is expecting the key to belong to the wifi user.
	292	+ // If the key belongs to another user's space it should fail.
	293	+
	294	+ bool result = insert(kTestKeyName, UID_SELF);
	295	+ EXPECT_EQ(result, true);
	296	+
	297	+ keystore->getBlob(kTestKeyName, callback);
	298	+ EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
	299	+
	300	+ result = deleteKey(kTestKeyName, UID_SELF);
	301	+ EXPECT_EQ(result, true);
	302	+
	303	+ // Accessing the key belonging to the wifi user should succeed.
	304	+
	305	+ result = insert(kTestKeyName, AID_WIFI);
	306	+ EXPECT_EQ(result, true);
	307	+
	308	+ keystore->getBlob(kTestKeyName, callback);
	309	+ EXPECT_EQ(IKeystore::KeystoreStatusCode::SUCCESS, statusCode);
	310	+
	311	+ result = deleteKey(kTestKeyName, AID_WIFI);
	312	+ EXPECT_EQ(result, true);
	313	+}
	314	+
249	315	} // namespace

system-hardware-interfaces Fork