more gatekeeper unit tests

am: 21223c8b36 * commit '21223c8b367ca11daa38695b5b4d2f1f7fe0269d': more gatekeeper unit tests
author: Andres Morales <anmorales@google.com> 2015-11-12 17:33:53 +0000
committer: android-build-merger <android-build-merger@google.com> 2015-11-12 17:33:53 +0000
commit: 69d977a22acf436d3369eddd8d9b73cc19677d59 (patch)
tree: 2e33c0400f6b893f7109a3aa61ab8a606be807f2
parent: 6a886d78a06c75be38ecedf538137d33b25209bd (diff)
parent: 21223c8b367ca11daa38695b5b4d2f1f7fe0269d (diff)
download: gatekeeper-69d977a22acf436d3369eddd8d9b73cc19677d59.tar.gz
1 files changed, 83 insertions, 8 deletions
diff --git a/tests/gatekeeper_device_test.cpp b/tests/gatekeeper_device_test.cpp
index 2c96941..eea523f 100644
--- a/tests/gatekeeper_device_test.cpp
+++ b/tests/gatekeeper_device_test.cpp
@@ -16,6 +16,7 @@
 #include <gtest/gtest.h>
 #include <hardware/gatekeeper.h>
 #include <gatekeeper/gatekeeper.h> // For password_handle_t
+#include <unistd.h>
 
 using ::testing::Test;
 using ::gatekeeper::password_handle_t;
@@ -49,6 +50,29 @@ public:
     gatekeeper_device_t *device;
 };
 
+TEST_F(GateKeeperDeviceTest, EnrollAndVerifyStress) {
+    uint32_t password_len = 50;
+    uint8_t password_payload[password_len];
+    uint8_t *password_handle;
+    uint32_t password_handle_length;
+    uint8_t *auth_token;
+    uint32_t auth_token_len;
+    int ret;
+
+    ret = device->enroll(device, 400, NULL, 0, NULL, 0,  password_payload, password_len,
+            &password_handle, &password_handle_length);
+
+    ASSERT_EQ(0, ret);
+
+    for (int i = 0; i < 1000; i++) {
+        bool should_reenroll;
+        ret = device->verify(device, 400, 0, password_handle, password_handle_length,
+                password_payload, password_len, &auth_token, &auth_token_len, &should_reenroll);
+
+        ASSERT_EQ(0, ret);
+    }
+}
+
 TEST_F(GateKeeperDeviceTest, EnrollAndVerify) {
     uint32_t password_len = 50;
     uint8_t password_payload[password_len];
@@ -56,16 +80,67 @@ TEST_F(GateKeeperDeviceTest, EnrollAndVerify) {
     uint32_t password_handle_length;
     uint8_t *auth_token;
     uint32_t auth_token_len;
+    hw_auth_token_t *hat;
     int ret;
 
-    ret = device->enroll(device, 0, NULL, 0, NULL, 0,  password_payload, password_len,
+    ret = device->enroll(device, 400, NULL, 0, NULL, 0,  password_payload, password_len,
             &password_handle, &password_handle_length);
 
     ASSERT_EQ(0, ret);
 
     bool should_reenroll;
-    ret = device->verify(device, 0, 0, password_handle, password_handle_length,
+    ret = device->verify(device, 400, 0, password_handle, password_handle_length,
             password_payload, password_len, &auth_token, &auth_token_len, &should_reenroll);
+    ASSERT_EQ(0, should_reenroll);
+    ASSERT_EQ(0, ret);
+
+    hat = reinterpret_cast<hw_auth_token_t *>(auth_token);
+
+    ASSERT_EQ(HW_AUTH_TOKEN_VERSION, hat->version);
+    ASSERT_EQ(HW_AUTH_PASSWORD, hat->authenticator_type);
+}
+
+TEST_F(GateKeeperDeviceTest, EnrollAndVerifyTimeout) {
+    uint32_t password_len = 50;
+    uint8_t password_payload[password_len];
+    uint8_t *password_handle;
+    uint32_t password_handle_length;
+    uint8_t *auth_token = NULL;
+    uint32_t auth_token_len;
+    bool should_reenroll;
+    int ret;
+
+    ret = device->enroll(device, 400, NULL, 0, NULL, 0,  password_payload, password_len,
+             &password_handle, &password_handle_length);
+
+    ASSERT_EQ(0, ret);
+
+    int payload_val = password_payload[0];
+    password_payload[0] = 4;
+
+    int timeout = 0;
+    for (int i = 0; i < 20; i++) {
+        bool should_reenroll;
+        ret = device->verify(device, 400, 0, password_handle, password_handle_length,
+                password_payload, password_len, &auth_token, &auth_token_len,
+                &should_reenroll);
+        ASSERT_NE(0, ret);
+        ASSERT_EQ(NULL, auth_token);
+
+        if (ret > 0) {
+            timeout = ret;
+        }
+    }
+
+    ASSERT_NE(0, timeout);
+
+    sleep((timeout + 999)/ 1000);
+
+    password_payload[0] = payload_val;
+
+    ret = device->verify(device, 400, 0, password_handle, password_handle_length,
+            password_payload, password_len, &auth_token, &auth_token_len,
+            &should_reenroll);
 
     ASSERT_EQ(0, ret);
 }
@@ -79,7 +154,7 @@ TEST_F(GateKeeperDeviceTest, EnrollAndVerifyBadPassword) {
     uint32_t auth_token_len;
     int ret;
 
-    ret = device->enroll(device, 0, NULL, 0, NULL, 0,  password_payload, password_len,
+    ret = device->enroll(device, 400, NULL, 0, NULL, 0,  password_payload, password_len,
              &password_handle, &password_handle_length);
 
     ASSERT_EQ(0, ret);
@@ -87,7 +162,7 @@ TEST_F(GateKeeperDeviceTest, EnrollAndVerifyBadPassword) {
     password_payload[0] = 4;
 
     bool should_reenroll;
-    ret = device->verify(device, 0, 0, password_handle, password_handle_length,
+    ret = device->verify(device, 400, 0, password_handle, password_handle_length,
             password_payload, password_len, &auth_token, &auth_token_len,
             &should_reenroll);
 
@@ -102,7 +177,7 @@ TEST_F(GateKeeperDeviceTest, UntrustedReEnroll) {
     uint32_t password_handle_length;
     int ret;
 
-    ret = device->enroll(device, 0, NULL, 0, NULL, 0, password_payload, password_len,
+    ret = device->enroll(device, 400, NULL, 0, NULL, 0, password_payload, password_len,
              &password_handle, &password_handle_length);
 
     ASSERT_EQ(0, ret);
@@ -110,7 +185,7 @@ TEST_F(GateKeeperDeviceTest, UntrustedReEnroll) {
     password_handle_t *handle = reinterpret_cast<password_handle_t *>(password_handle);
     secure_id_t sid = handle->user_id;
 
-    ret = device->enroll(device, 0, NULL, 0, NULL, 0, password_payload, password_len,
+    ret = device->enroll(device, 400, NULL, 0, NULL, 0, password_payload, password_len,
             &password_handle, &password_handle_length);
 
     ASSERT_EQ(0, ret);
@@ -126,7 +201,7 @@ TEST_F(GateKeeperDeviceTest, TrustedReEnroll) {
     uint32_t password_handle_length;
     int ret;
 
-    ret = device->enroll(device, 0, NULL, 0, NULL, 0, password_payload, password_len,
+    ret = device->enroll(device, 400, NULL, 0, NULL, 0, password_payload, password_len,
              &password_handle, &password_handle_length);
 
     ASSERT_EQ(0, ret);
@@ -134,7 +209,7 @@ TEST_F(GateKeeperDeviceTest, TrustedReEnroll) {
     password_handle_t *handle = reinterpret_cast<password_handle_t *>(password_handle);
     secure_id_t sid = handle->user_id;
 
-    ret = device->enroll(device, 0, password_handle, password_handle_length, password_payload,
+    ret = device->enroll(device, 400, password_handle, password_handle_length, password_payload,
             password_len, password_payload, password_len, &password_handle, &password_handle_length);
 
     ASSERT_EQ(0, ret);
author	Andres Morales <anmorales@google.com>	2015-11-12 17:33:53 +0000
committer	android-build-merger <android-build-merger@google.com>	2015-11-12 17:33:53 +0000
commit	69d977a22acf436d3369eddd8d9b73cc19677d59 (patch)
tree	2e33c0400f6b893f7109a3aa61ab8a606be807f2
parent	6a886d78a06c75be38ecedf538137d33b25209bd (diff)
parent	21223c8b367ca11daa38695b5b4d2f1f7fe0269d (diff)
download	gatekeeper-69d977a22acf436d3369eddd8d9b73cc19677d59.tar.gz