diff options
author | Shawn Willden <swillden@google.com> | 2015-05-20 16:36:24 -0600 |
---|---|---|
committer | Shawn Willden <swillden@google.com> | 2015-05-28 07:28:51 -0600 |
commit | 2beb628bfefae72fa6bb84a6235da7e3de532823 (patch) | |
tree | 53fdd19f54afc714b37505cbea0dc31e1ecadda9 /android_keymaster_test.cpp | |
parent | de7e66c3692073eb967f01cc8281441709701e2d (diff) | |
download | keymaster-2beb628bfefae72fa6bb84a6235da7e3de532823.tar.gz |
Delegate RSA keys to keymaster0 in SoftKeymasterDevice.
Bug: 20912868
Change-Id: I515a125f1247357d2cd9b4633c3b223590848093
Diffstat (limited to 'android_keymaster_test.cpp')
-rw-r--r-- | android_keymaster_test.cpp | 429 |
1 files changed, 412 insertions, 17 deletions
diff --git a/android_keymaster_test.cpp b/android_keymaster_test.cpp index c83e659..93a0323 100644 --- a/android_keymaster_test.cpp +++ b/android_keymaster_test.cpp @@ -18,7 +18,9 @@ #include <string> #include <vector> +#include <hardware/keymaster0.h> #include <keymaster/soft_keymaster_device.h> +#include <keymaster/softkeymaster.h> #include "android_keymaster_test_utils.h" @@ -26,6 +28,15 @@ using std::ifstream; using std::istreambuf_iterator; using std::string; using std::vector; +using std::unique_ptr; + +extern "C" { +int __android_log_print(int prio, const char* tag, const char* fmt); +int __android_log_print(int prio, const char* tag, const char* fmt) { + prio, tag, fmt; + return 0; +} +} // extern "C" namespace keymaster { namespace test { @@ -35,13 +46,47 @@ StdoutLogger logger; class SoftKeymasterTestInstanceCreator : public Keymaster1TestInstanceCreator { public: keymaster1_device_t* CreateDevice() const override { - std::cerr << "Creating SoftKeymasterDevice" << std::endl; + std::cerr << "Creating software-only device" << std::endl; SoftKeymasterDevice* device = new SoftKeymasterDevice; return device->keymaster_device(); } + + bool crypto_params_in_hardware(keymaster_algorithm_t) const override { return false; } + bool expect_keymaster0_calls() const override { return false; } + int keymaster0_calls() const override { return 0; } }; -static auto test_params = testing::Values(InstanceCreatorPtr(new SoftKeymasterTestInstanceCreator)); +class Keymaster0AdapterTestInstanceCreator : public Keymaster1TestInstanceCreator { + public: + keymaster1_device_t* CreateDevice() const { + std::cerr << "Creating keymaster0-backed device" << std::endl; + hw_device_t* softkeymaster_device; + EXPECT_EQ(0, openssl_open(&softkeymaster_module.common, KEYSTORE_KEYMASTER, + &softkeymaster_device)); + // Make the software device pretend to be hardware + keymaster0_device_t* keymaster0_device = + reinterpret_cast<keymaster0_device_t*>(softkeymaster_device); + keymaster0_device->flags = KEYMASTER_SUPPORTS_EC; + + counting_keymaster0_device_ = new Keymaster0CountingWrapper(keymaster0_device); + + SoftKeymasterDevice* keymaster = new SoftKeymasterDevice(counting_keymaster0_device_); + return keymaster->keymaster_device(); + } + + bool crypto_params_in_hardware(keymaster_algorithm_t algorithm) const override { + return algorithm == KM_ALGORITHM_RSA; + } + bool expect_keymaster0_calls() const override { return true; } + int keymaster0_calls() const override { return counting_keymaster0_device_->count(); } + + private: + mutable Keymaster0CountingWrapper* counting_keymaster0_device_; +}; + +static auto test_params = + testing::Values(InstanceCreatorPtr(new SoftKeymasterTestInstanceCreator), + InstanceCreatorPtr(new Keymaster0AdapterTestInstanceCreator)); typedef Keymaster1Test CheckSupported; INSTANTIATE_TEST_CASE_P(AndroidKeymasterTest, CheckSupported, test_params); @@ -56,6 +101,9 @@ TEST_P(CheckSupported, SupportedAlgorithms) { EXPECT_TRUE(ResponseContains( {KM_ALGORITHM_RSA, KM_ALGORITHM_EC, KM_ALGORITHM_AES, KM_ALGORITHM_HMAC}, algorithms, len)); free(algorithms); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(CheckSupported, SupportedBlockModes) { @@ -78,6 +126,9 @@ TEST_P(CheckSupported, SupportedBlockModes) { KM_PURPOSE_ENCRYPT, &modes, &len)); EXPECT_TRUE(ResponseContains({KM_MODE_ECB, KM_MODE_CBC, KM_MODE_CTR}, modes, len)); free(modes); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(CheckSupported, SupportedPaddingModes) { @@ -106,6 +157,9 @@ TEST_P(CheckSupported, SupportedPaddingModes) { EXPECT_EQ(KM_ERROR_UNSUPPORTED_PURPOSE, device()->get_supported_padding_modes(device(), KM_ALGORITHM_AES, KM_PURPOSE_SIGN, &modes, &len)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(CheckSupported, SupportedDigests) { @@ -135,6 +189,9 @@ TEST_P(CheckSupported, SupportedDigests) { KM_DIGEST_SHA_2_512, KM_DIGEST_SHA1}, digests, len)); free(digests); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(CheckSupported, SupportedImportFormats) { @@ -157,6 +214,9 @@ TEST_P(CheckSupported, SupportedImportFormats) { device()->get_supported_import_formats(device(), KM_ALGORITHM_HMAC, &formats, &len)); EXPECT_TRUE(ResponseContains(KM_KEY_FORMAT_RAW, formats, len)); free(formats); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(CheckSupported, SupportedExportFormats) { @@ -189,14 +249,14 @@ TEST_P(CheckSupported, SupportedExportFormats) { device()->get_supported_export_formats(device(), KM_ALGORITHM_HMAC, &formats, &len)); EXPECT_EQ(0U, len); free(formats); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } class NewKeyGeneration : public Keymaster1Test { protected: void CheckBaseParams() { - EXPECT_EQ(0U, hw_enforced().size()); - EXPECT_EQ(12U, hw_enforced().SerializedSize()); - AuthorizationSet auths = sw_enforced(); EXPECT_GT(auths.SerializedSize(), 12U); @@ -221,7 +281,6 @@ class NewKeyGeneration : public Keymaster1Test { EXPECT_TRUE(contains(auths, KM_TAG_CREATION_DATETIME)); } }; - INSTANTIATE_TEST_CASE_P(AndroidKeymasterTest, NewKeyGeneration, test_params); TEST_P(NewKeyGeneration, Rsa) { @@ -231,11 +290,29 @@ TEST_P(NewKeyGeneration, Rsa) { .Padding(KM_PAD_NONE))); CheckBaseParams(); - // Check specified tags are all present in auths - AuthorizationSet auths(sw_enforced()); - EXPECT_TRUE(contains(auths, TAG_ALGORITHM, KM_ALGORITHM_RSA)); - EXPECT_TRUE(contains(auths, TAG_KEY_SIZE, 256)); - EXPECT_TRUE(contains(auths, TAG_RSA_PUBLIC_EXPONENT, 3)); + // Check specified tags are all present, and in the right set. + AuthorizationSet crypto_params; + AuthorizationSet non_crypto_params; + if (GetParam()->crypto_params_in_hardware(KM_ALGORITHM_RSA)) { + EXPECT_NE(0U, hw_enforced().size()); + EXPECT_NE(0U, sw_enforced().size()); + crypto_params.push_back(hw_enforced()); + non_crypto_params.push_back(sw_enforced()); + } else { + EXPECT_EQ(0U, hw_enforced().size()); + EXPECT_NE(0U, sw_enforced().size()); + crypto_params.push_back(sw_enforced()); + } + + EXPECT_TRUE(contains(crypto_params, TAG_ALGORITHM, KM_ALGORITHM_RSA)); + EXPECT_FALSE(contains(non_crypto_params, TAG_ALGORITHM, KM_ALGORITHM_RSA)); + EXPECT_TRUE(contains(crypto_params, TAG_KEY_SIZE, 256)); + EXPECT_FALSE(contains(non_crypto_params, TAG_KEY_SIZE, 256)); + EXPECT_TRUE(contains(crypto_params, TAG_RSA_PUBLIC_EXPONENT, 3)); + EXPECT_FALSE(contains(non_crypto_params, TAG_RSA_PUBLIC_EXPONENT, 3)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(1, GetParam()->keymaster0_calls()); } TEST_P(NewKeyGeneration, RsaDefaultSize) { @@ -244,6 +321,9 @@ TEST_P(NewKeyGeneration, RsaDefaultSize) { .Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA) .Authorization(TAG_RSA_PUBLIC_EXPONENT, 3) .SigningKey())); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(NewKeyGeneration, Ecdsa) { @@ -254,6 +334,9 @@ TEST_P(NewKeyGeneration, Ecdsa) { // Check specified tags are all present in unenforced characteristics EXPECT_TRUE(contains(sw_enforced(), TAG_ALGORITHM, KM_ALGORITHM_EC)); EXPECT_TRUE(contains(sw_enforced(), TAG_KEY_SIZE, 224)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(NewKeyGeneration, EcdsaDefaultSize) { @@ -266,11 +349,17 @@ TEST_P(NewKeyGeneration, EcdsaDefaultSize) { // Now check that unspecified, defaulted tags are correct. EXPECT_TRUE(contains(sw_enforced(), TAG_KEY_SIZE, 224)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(NewKeyGeneration, EcdsaInvalidSize) { ASSERT_EQ(KM_ERROR_UNSUPPORTED_KEY_SIZE, GenerateKey(AuthorizationSetBuilder().EcdsaSigningKey(190).Digest(KM_DIGEST_NONE))); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(NewKeyGeneration, EcdsaAllValidSizes) { @@ -281,11 +370,17 @@ TEST_P(NewKeyGeneration, EcdsaAllValidSizes) { << "Failed to generate size: " << size; } + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(NewKeyGeneration, HmacSha256) { ASSERT_EQ(KM_ERROR_OK, GenerateKey(AuthorizationSetBuilder().HmacKey(128).Digest(KM_DIGEST_SHA_2_256))); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } typedef Keymaster1Test GetKeyCharacteristics; @@ -300,6 +395,9 @@ TEST_P(GetKeyCharacteristics, SimpleRsa) { ASSERT_EQ(KM_ERROR_OK, GetCharacteristics()); EXPECT_EQ(original, sw_enforced()); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(1, GetParam()->keymaster0_calls()); } typedef Keymaster1Test SigningOperationsTest; @@ -313,6 +411,9 @@ TEST_P(SigningOperationsTest, RsaSuccess) { string message = "12345678901234567890123456789012"; string signature; SignMessage(message, &signature, KM_DIGEST_NONE, KM_PAD_NONE); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(3, GetParam()->keymaster0_calls()); } TEST_P(SigningOperationsTest, RsaSha256DigestSuccess) { @@ -323,6 +424,9 @@ TEST_P(SigningOperationsTest, RsaSha256DigestSuccess) { string message(1024, 'a'); string signature; SignMessage(message, &signature, KM_DIGEST_SHA_2_256, KM_PAD_RSA_PSS); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(3, GetParam()->keymaster0_calls()); } TEST_P(SigningOperationsTest, RsaPssSha256Success) { @@ -334,6 +438,9 @@ TEST_P(SigningOperationsTest, RsaPssSha256Success) { string message(1024, 'a'); string signature; SignMessage(message, &signature, KM_DIGEST_SHA_2_256, KM_PAD_RSA_PSS); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(3, GetParam()->keymaster0_calls()); } TEST_P(SigningOperationsTest, RsaPkcs1Sha256Success) { @@ -344,6 +451,9 @@ TEST_P(SigningOperationsTest, RsaPkcs1Sha256Success) { string message(1024, 'a'); string signature; SignMessage(message, &signature, KM_DIGEST_SHA_2_256, KM_PAD_RSA_PKCS1_1_5_SIGN); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(3, GetParam()->keymaster0_calls()); } TEST_P(SigningOperationsTest, RsaPssSha256TooSmallKey) { @@ -366,6 +476,9 @@ TEST_P(SigningOperationsTest, RsaPssSha256TooSmallKey) { EXPECT_EQ(KM_ERROR_OK, UpdateOperation(message, &result, &input_consumed)); EXPECT_EQ(message.size(), input_consumed); EXPECT_EQ(KM_ERROR_INCOMPATIBLE_DIGEST, FinishOperation(signature, &result)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(2, GetParam()->keymaster0_calls()); } TEST_P(SigningOperationsTest, RsaAbort) { @@ -380,6 +493,9 @@ TEST_P(SigningOperationsTest, RsaAbort) { EXPECT_EQ(KM_ERROR_OK, AbortOperation()); // Another abort should fail EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, AbortOperation()); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(2, GetParam()->keymaster0_calls()); } TEST_P(SigningOperationsTest, RsaUnsupportedDigest) { @@ -388,6 +504,9 @@ TEST_P(SigningOperationsTest, RsaUnsupportedDigest) { .Digest(KM_DIGEST_MD5) .Padding(KM_PAD_RSA_PSS /* supported padding */)); ASSERT_EQ(KM_ERROR_UNSUPPORTED_DIGEST, BeginOperation(KM_PURPOSE_SIGN)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(2, GetParam()->keymaster0_calls()); } TEST_P(SigningOperationsTest, RsaUnsupportedPadding) { @@ -398,12 +517,12 @@ TEST_P(SigningOperationsTest, RsaUnsupportedPadding) { AuthorizationSet begin_params(client_params()); begin_params.push_back(TAG_DIGEST, KM_DIGEST_SHA_2_256); ASSERT_EQ(KM_ERROR_UNSUPPORTED_PADDING_MODE, BeginOperation(KM_PURPOSE_SIGN, begin_params)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(2, GetParam()->keymaster0_calls()); } TEST_P(SigningOperationsTest, RsaNoDigest) { - // Digest must be specified. - ASSERT_EQ(KM_ERROR_OK, GenerateKey(AuthorizationSetBuilder().RsaKey(256, 3).SigningKey())); - ASSERT_EQ(KM_ERROR_UNSUPPORTED_DIGEST, BeginOperation(KM_PURPOSE_SIGN)); // PSS requires a digest. GenerateKey(AuthorizationSetBuilder() .RsaSigningKey(256, 3) @@ -413,6 +532,9 @@ TEST_P(SigningOperationsTest, RsaNoDigest) { begin_params.push_back(TAG_DIGEST, KM_DIGEST_NONE); begin_params.push_back(TAG_PADDING, KM_PAD_RSA_PSS); ASSERT_EQ(KM_ERROR_INCOMPATIBLE_DIGEST, BeginOperation(KM_PURPOSE_SIGN, begin_params)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(2, GetParam()->keymaster0_calls()); } TEST_P(SigningOperationsTest, RsaNoPadding) { @@ -422,6 +544,9 @@ TEST_P(SigningOperationsTest, RsaNoPadding) { AuthorizationSet begin_params(client_params()); begin_params.push_back(TAG_DIGEST, KM_DIGEST_NONE); ASSERT_EQ(KM_ERROR_UNSUPPORTED_PADDING_MODE, BeginOperation(KM_PURPOSE_SIGN, begin_params)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(2, GetParam()->keymaster0_calls()); } TEST_P(SigningOperationsTest, RsaTooShortMessage) { @@ -444,6 +569,9 @@ TEST_P(SigningOperationsTest, RsaTooShortMessage) { string signature; ASSERT_EQ(KM_ERROR_UNKNOWN_ERROR, FinishOperation(&signature)); EXPECT_EQ(0U, signature.length()); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(2, GetParam()->keymaster0_calls()); } TEST_P(SigningOperationsTest, RsaSignWithEncryptionKey) { @@ -453,6 +581,9 @@ TEST_P(SigningOperationsTest, RsaSignWithEncryptionKey) { .Padding(KM_PAD_NONE))); ASSERT_EQ(KM_ERROR_INCOMPATIBLE_PURPOSE, BeginOperation(KM_PURPOSE_SIGN)); ASSERT_EQ(KM_ERROR_INCOMPATIBLE_PURPOSE, BeginOperation(KM_PURPOSE_VERIFY)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(3, GetParam()->keymaster0_calls()); } TEST_P(SigningOperationsTest, EcdsaSuccess) { @@ -461,6 +592,9 @@ TEST_P(SigningOperationsTest, EcdsaSuccess) { string message = "123456789012345678901234567890123456789012345678"; string signature; SignMessage(message, &signature, KM_DIGEST_NONE); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(SigningOperationsTest, AesEcbSign) { @@ -469,6 +603,9 @@ TEST_P(SigningOperationsTest, AesEcbSign) { TAG_BLOCK_MODE, KM_MODE_ECB))); ASSERT_EQ(KM_ERROR_INCOMPATIBLE_PURPOSE, BeginOperation(KM_PURPOSE_SIGN)); ASSERT_EQ(KM_ERROR_INCOMPATIBLE_PURPOSE, BeginOperation(KM_PURPOSE_VERIFY)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(SigningOperationsTest, HmacSha1Success) { @@ -477,6 +614,9 @@ TEST_P(SigningOperationsTest, HmacSha1Success) { string signature; MacMessage(message, &signature, KM_DIGEST_SHA1, 160); ASSERT_EQ(20U, signature.size()); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(SigningOperationsTest, HmacSha224Success) { @@ -486,6 +626,9 @@ TEST_P(SigningOperationsTest, HmacSha224Success) { string signature; MacMessage(message, &signature, KM_DIGEST_SHA_2_224, 224); ASSERT_EQ(28U, signature.size()); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(SigningOperationsTest, HmacSha256Success) { @@ -495,6 +638,9 @@ TEST_P(SigningOperationsTest, HmacSha256Success) { string signature; MacMessage(message, &signature, KM_DIGEST_SHA_2_256, 256); ASSERT_EQ(32U, signature.size()); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(SigningOperationsTest, HmacSha384Success) { @@ -505,6 +651,9 @@ TEST_P(SigningOperationsTest, HmacSha384Success) { string signature; MacMessage(message, &signature, KM_DIGEST_SHA_2_384, 384); ASSERT_EQ(48U, signature.size()); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(SigningOperationsTest, HmacSha512Success) { @@ -514,6 +663,9 @@ TEST_P(SigningOperationsTest, HmacSha512Success) { string signature; MacMessage(message, &signature, KM_DIGEST_SHA_2_512, 512); ASSERT_EQ(64U, signature.size()); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(SigningOperationsTest, HmacLengthInKey) { @@ -527,6 +679,9 @@ TEST_P(SigningOperationsTest, HmacLengthInKey) { MacMessage(message, &signature, KM_DIGEST_SHA_2_256, 240); // Size in key was ignored. ASSERT_EQ(30U, signature.size()); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(SigningOperationsTest, HmacRfc4231TestCase1) { @@ -564,6 +719,9 @@ TEST_P(SigningOperationsTest, HmacRfc4231TestCase1) { CheckHmacTestVector(key, message, KM_DIGEST_SHA_2_256, make_string(sha_256_expected)); CheckHmacTestVector(key, message, KM_DIGEST_SHA_2_384, make_string(sha_384_expected)); CheckHmacTestVector(key, message, KM_DIGEST_SHA_2_512, make_string(sha_512_expected)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(SigningOperationsTest, HmacRfc4231TestCase2) { @@ -596,6 +754,9 @@ TEST_P(SigningOperationsTest, HmacRfc4231TestCase2) { CheckHmacTestVector(key, message, KM_DIGEST_SHA_2_256, make_string(sha_256_expected)); CheckHmacTestVector(key, message, KM_DIGEST_SHA_2_384, make_string(sha_384_expected)); CheckHmacTestVector(key, message, KM_DIGEST_SHA_2_512, make_string(sha_512_expected)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(SigningOperationsTest, HmacRfc4231TestCase3) { @@ -628,6 +789,9 @@ TEST_P(SigningOperationsTest, HmacRfc4231TestCase3) { CheckHmacTestVector(key, message, KM_DIGEST_SHA_2_256, make_string(sha_256_expected)); CheckHmacTestVector(key, message, KM_DIGEST_SHA_2_384, make_string(sha_384_expected)); CheckHmacTestVector(key, message, KM_DIGEST_SHA_2_512, make_string(sha_512_expected)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(SigningOperationsTest, HmacRfc4231TestCase4) { @@ -664,6 +828,9 @@ TEST_P(SigningOperationsTest, HmacRfc4231TestCase4) { CheckHmacTestVector(key, message, KM_DIGEST_SHA_2_256, make_string(sha_256_expected)); CheckHmacTestVector(key, message, KM_DIGEST_SHA_2_384, make_string(sha_384_expected)); CheckHmacTestVector(key, message, KM_DIGEST_SHA_2_512, make_string(sha_512_expected)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(SigningOperationsTest, HmacRfc4231TestCase5) { @@ -691,6 +858,9 @@ TEST_P(SigningOperationsTest, HmacRfc4231TestCase5) { CheckHmacTestVector(key, message, KM_DIGEST_SHA_2_256, make_string(sha_256_expected)); CheckHmacTestVector(key, message, KM_DIGEST_SHA_2_384, make_string(sha_384_expected)); CheckHmacTestVector(key, message, KM_DIGEST_SHA_2_512, make_string(sha_512_expected)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(SigningOperationsTest, HmacRfc4231TestCase6) { @@ -724,6 +894,9 @@ TEST_P(SigningOperationsTest, HmacRfc4231TestCase6) { CheckHmacTestVector(key, message, KM_DIGEST_SHA_2_256, make_string(sha_256_expected)); CheckHmacTestVector(key, message, KM_DIGEST_SHA_2_384, make_string(sha_384_expected)); CheckHmacTestVector(key, message, KM_DIGEST_SHA_2_512, make_string(sha_512_expected)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(SigningOperationsTest, HmacRfc4231TestCase7) { @@ -759,6 +932,9 @@ TEST_P(SigningOperationsTest, HmacRfc4231TestCase7) { CheckHmacTestVector(key, message, KM_DIGEST_SHA_2_256, make_string(sha_256_expected)); CheckHmacTestVector(key, message, KM_DIGEST_SHA_2_384, make_string(sha_384_expected)); CheckHmacTestVector(key, message, KM_DIGEST_SHA_2_512, make_string(sha_512_expected)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(SigningOperationsTest, HmacSha256TooLargeMacLength) { @@ -774,6 +950,9 @@ TEST_P(SigningOperationsTest, HmacSha256TooLargeMacLength) { size_t input_consumed; ASSERT_EQ(KM_ERROR_OK, UpdateOperation(message, &result, &input_consumed)); ASSERT_EQ(KM_ERROR_UNSUPPORTED_MAC_LENGTH, FinishOperation(&result)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } // TODO(swillden): Add more verification failure tests. @@ -790,6 +969,9 @@ TEST_P(VerificationOperationsTest, RsaSuccess) { string signature; SignMessage(message, &signature, KM_DIGEST_NONE, KM_PAD_NONE); VerifyMessage(message, signature, KM_DIGEST_NONE, KM_PAD_NONE); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(4, GetParam()->keymaster0_calls()); } TEST_P(VerificationOperationsTest, RsaSha256DigestSuccess) { @@ -801,6 +983,9 @@ TEST_P(VerificationOperationsTest, RsaSha256DigestSuccess) { string signature; SignMessage(message, &signature, KM_DIGEST_SHA_2_256, KM_PAD_RSA_PSS); VerifyMessage(message, signature, KM_DIGEST_SHA_2_256, KM_PAD_RSA_PSS); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(4, GetParam()->keymaster0_calls()); } TEST_P(VerificationOperationsTest, RsaSha256CorruptSignature) { @@ -823,6 +1008,9 @@ TEST_P(VerificationOperationsTest, RsaSha256CorruptSignature) { EXPECT_EQ(KM_ERROR_OK, UpdateOperation(message, &result, &input_consumed)); EXPECT_EQ(message.size(), input_consumed); EXPECT_EQ(KM_ERROR_VERIFICATION_FAILED, FinishOperation(signature, &result)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(4, GetParam()->keymaster0_calls()); } TEST_P(VerificationOperationsTest, RsaPssSha256Success) { @@ -835,6 +1023,9 @@ TEST_P(VerificationOperationsTest, RsaPssSha256Success) { string signature; SignMessage(message, &signature, KM_DIGEST_SHA_2_256, KM_PAD_RSA_PSS); VerifyMessage(message, signature, KM_DIGEST_SHA_2_256, KM_PAD_RSA_PSS); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(4, GetParam()->keymaster0_calls()); } TEST_P(VerificationOperationsTest, RsaPssSha256CorruptSignature) { @@ -857,6 +1048,9 @@ TEST_P(VerificationOperationsTest, RsaPssSha256CorruptSignature) { EXPECT_EQ(KM_ERROR_OK, UpdateOperation(message, &result, &input_consumed)); EXPECT_EQ(message.size(), input_consumed); EXPECT_EQ(KM_ERROR_VERIFICATION_FAILED, FinishOperation(signature, &result)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(4, GetParam()->keymaster0_calls()); } TEST_P(VerificationOperationsTest, RsaPssSha256CorruptInput) { @@ -880,6 +1074,9 @@ TEST_P(VerificationOperationsTest, RsaPssSha256CorruptInput) { EXPECT_EQ(KM_ERROR_OK, UpdateOperation(message, &result, &input_consumed)); EXPECT_EQ(message.size(), input_consumed); EXPECT_EQ(KM_ERROR_VERIFICATION_FAILED, FinishOperation(signature, &result)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(4, GetParam()->keymaster0_calls()); } TEST_P(VerificationOperationsTest, RsaPkcs1Sha256Success) { @@ -891,6 +1088,9 @@ TEST_P(VerificationOperationsTest, RsaPkcs1Sha256Success) { string signature; SignMessage(message, &signature, KM_DIGEST_SHA_2_256, KM_PAD_RSA_PKCS1_1_5_SIGN); VerifyMessage(message, signature, KM_DIGEST_SHA_2_256, KM_PAD_RSA_PKCS1_1_5_SIGN); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(4, GetParam()->keymaster0_calls()); } TEST_P(VerificationOperationsTest, RsaPkcs1Sha256CorruptSignature) { @@ -913,6 +1113,9 @@ TEST_P(VerificationOperationsTest, RsaPkcs1Sha256CorruptSignature) { EXPECT_EQ(KM_ERROR_OK, UpdateOperation(message, &result, &input_consumed)); EXPECT_EQ(message.size(), input_consumed); EXPECT_EQ(KM_ERROR_VERIFICATION_FAILED, FinishOperation(signature, &result)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(4, GetParam()->keymaster0_calls()); } TEST_P(VerificationOperationsTest, RsaPkcs1Sha256CorruptInput) { @@ -936,6 +1139,9 @@ TEST_P(VerificationOperationsTest, RsaPkcs1Sha256CorruptInput) { EXPECT_EQ(KM_ERROR_OK, UpdateOperation(message, &result, &input_consumed)); EXPECT_EQ(message.size(), input_consumed); EXPECT_EQ(KM_ERROR_VERIFICATION_FAILED, FinishOperation(signature, &result)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(4, GetParam()->keymaster0_calls()); } template <typename T> vector<T> make_vector(const T* array, size_t len) { @@ -1014,6 +1220,9 @@ TEST_P(VerificationOperationsTest, RsaAllDigestAndPadCombinations) { free(padding_modes); free(digests); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(16, GetParam()->keymaster0_calls()); } TEST_P(VerificationOperationsTest, EcdsaSuccess) { @@ -1023,6 +1232,9 @@ TEST_P(VerificationOperationsTest, EcdsaSuccess) { string signature; SignMessage(message, &signature, KM_DIGEST_NONE); VerifyMessage(message, signature, KM_DIGEST_NONE); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(VerificationOperationsTest, HmacSha1Success) { @@ -1031,6 +1243,9 @@ TEST_P(VerificationOperationsTest, HmacSha1Success) { string signature; MacMessage(message, &signature, KM_DIGEST_SHA1, 160); VerifyMessage(message, signature, KM_DIGEST_SHA1); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(VerificationOperationsTest, HmacSha224Success) { @@ -1039,6 +1254,9 @@ TEST_P(VerificationOperationsTest, HmacSha224Success) { string signature; MacMessage(message, &signature, KM_DIGEST_SHA_2_224, 224); VerifyMessage(message, signature, KM_DIGEST_SHA_2_224); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(VerificationOperationsTest, HmacSha256Success) { @@ -1047,6 +1265,9 @@ TEST_P(VerificationOperationsTest, HmacSha256Success) { string signature; MacMessage(message, &signature, KM_DIGEST_SHA_2_256, 256); VerifyMessage(message, signature, KM_DIGEST_SHA_2_256); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(VerificationOperationsTest, HmacSha384Success) { @@ -1055,6 +1276,9 @@ TEST_P(VerificationOperationsTest, HmacSha384Success) { string signature; MacMessage(message, &signature, KM_DIGEST_SHA_2_384, 384); VerifyMessage(message, signature, KM_DIGEST_SHA_2_384); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(VerificationOperationsTest, HmacSha512Success) { @@ -1063,6 +1287,9 @@ TEST_P(VerificationOperationsTest, HmacSha512Success) { string signature; MacMessage(message, &signature, KM_DIGEST_SHA_2_512, 512); VerifyMessage(message, signature, KM_DIGEST_SHA_2_512); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } typedef Keymaster1Test ExportKeyTest; @@ -1078,6 +1305,9 @@ TEST_P(ExportKeyTest, RsaSuccess) { EXPECT_GT(export_data.length(), 0U); // TODO(swillden): Verify that the exported key is actually usable to verify signatures. + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(2, GetParam()->keymaster0_calls()); } TEST_P(ExportKeyTest, EcdsaSuccess) { @@ -1088,6 +1318,9 @@ TEST_P(ExportKeyTest, EcdsaSuccess) { EXPECT_GT(export_data.length(), 0U); // TODO(swillden): Verify that the exported key is actually usable to verify signatures. + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(ExportKeyTest, RsaUnsupportedKeyFormat) { @@ -1097,6 +1330,9 @@ TEST_P(ExportKeyTest, RsaUnsupportedKeyFormat) { .Padding(KM_PAD_NONE))); string export_data; ASSERT_EQ(KM_ERROR_UNSUPPORTED_KEY_FORMAT, ExportKey(KM_KEY_FORMAT_PKCS8, &export_data)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(2, GetParam()->keymaster0_calls()); } TEST_P(ExportKeyTest, RsaCorruptedKeyBlob) { @@ -1107,6 +1343,9 @@ TEST_P(ExportKeyTest, RsaCorruptedKeyBlob) { corrupt_key_blob(); string export_data; ASSERT_EQ(KM_ERROR_INVALID_KEY_BLOB, ExportKey(KM_KEY_FORMAT_X509, &export_data)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(2, GetParam()->keymaster0_calls()); } TEST_P(ExportKeyTest, AesKeyExportFails) { @@ -1116,6 +1355,9 @@ TEST_P(ExportKeyTest, AesKeyExportFails) { EXPECT_EQ(KM_ERROR_UNSUPPORTED_KEY_FORMAT, ExportKey(KM_KEY_FORMAT_X509, &export_data)); EXPECT_EQ(KM_ERROR_UNSUPPORTED_KEY_FORMAT, ExportKey(KM_KEY_FORMAT_PKCS8, &export_data)); EXPECT_EQ(KM_ERROR_UNSUPPORTED_KEY_FORMAT, ExportKey(KM_KEY_FORMAT_RAW, &export_data)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } static string read_file(const string& file_name) { @@ -1139,9 +1381,15 @@ TEST_P(ImportKeyTest, RsaSuccess) { KM_KEY_FORMAT_PKCS8, pk8_key)); // Check values derived from the key. - EXPECT_TRUE(contains(sw_enforced(), TAG_ALGORITHM, KM_ALGORITHM_RSA)); - EXPECT_TRUE(contains(sw_enforced(), TAG_KEY_SIZE, 1024)); - EXPECT_TRUE(contains(sw_enforced(), TAG_RSA_PUBLIC_EXPONENT, 65537U)); + EXPECT_TRUE(contains(GetParam()->crypto_params_in_hardware(KM_ALGORITHM_RSA) ? hw_enforced() + : sw_enforced(), + TAG_ALGORITHM, KM_ALGORITHM_RSA)); + EXPECT_TRUE(contains(GetParam()->crypto_params_in_hardware(KM_ALGORITHM_RSA) ? hw_enforced() + : sw_enforced(), + TAG_KEY_SIZE, 1024)); + EXPECT_TRUE(contains(GetParam()->crypto_params_in_hardware(KM_ALGORITHM_RSA) ? hw_enforced() + : sw_enforced(), + TAG_RSA_PUBLIC_EXPONENT, 65537U)); // And values provided by AndroidKeymaster EXPECT_TRUE(contains(sw_enforced(), TAG_ORIGIN, KM_ORIGIN_IMPORTED)); @@ -1151,6 +1399,9 @@ TEST_P(ImportKeyTest, RsaSuccess) { string signature; SignMessage(message, &signature, KM_DIGEST_NONE, KM_PAD_NONE); VerifyMessage(message, signature, KM_DIGEST_NONE, KM_PAD_NONE); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(4, GetParam()->keymaster0_calls()); } TEST_P(ImportKeyTest, OldApiRsaSuccess) { @@ -1176,6 +1427,9 @@ TEST_P(ImportKeyTest, OldApiRsaSuccess) { ProcessMessage(KM_PURPOSE_SIGN, message, begin_params, update_params, &output_params); ProcessMessage(KM_PURPOSE_VERIFY, message, signature, begin_params, update_params, &output_params); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(4, GetParam()->keymaster0_calls()); } TEST_P(ImportKeyTest, RsaKeySizeMismatch) { @@ -1187,6 +1441,9 @@ TEST_P(ImportKeyTest, RsaKeySizeMismatch) { .Digest(KM_DIGEST_NONE) .Padding(KM_PAD_NONE), KM_KEY_FORMAT_PKCS8, pk8_key)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(ImportKeyTest, RsaPublicExponenMismatch) { @@ -1198,6 +1455,9 @@ TEST_P(ImportKeyTest, RsaPublicExponenMismatch) { .Digest(KM_DIGEST_NONE) .Padding(KM_PAD_NONE), KM_KEY_FORMAT_PKCS8, pk8_key)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(ImportKeyTest, EcdsaSuccess) { @@ -1220,6 +1480,9 @@ TEST_P(ImportKeyTest, EcdsaSuccess) { string signature; SignMessage(message, &signature, KM_DIGEST_NONE); VerifyMessage(message, signature, KM_DIGEST_NONE); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(ImportKeyTest, EcdsaSizeSpecified) { @@ -1242,6 +1505,9 @@ TEST_P(ImportKeyTest, EcdsaSizeSpecified) { string signature; SignMessage(message, &signature, KM_DIGEST_NONE); VerifyMessage(message, signature, KM_DIGEST_NONE); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(ImportKeyTest, EcdsaSizeMismatch) { @@ -1252,6 +1518,9 @@ TEST_P(ImportKeyTest, EcdsaSizeMismatch) { .EcdsaSigningKey(224 /* Doesn't match key */) .Digest(KM_DIGEST_NONE), KM_KEY_FORMAT_PKCS8, pk8_key)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(ImportKeyTest, AesKeySuccess) { @@ -1269,6 +1538,9 @@ TEST_P(ImportKeyTest, AesKeySuccess) { string ciphertext = EncryptMessage(message, KM_MODE_ECB, KM_PAD_PKCS7); string plaintext = DecryptMessage(ciphertext, KM_MODE_ECB, KM_PAD_PKCS7); EXPECT_EQ(message, plaintext); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(ImportKeyTest, HmacSha256KeySuccess) { @@ -1287,6 +1559,9 @@ TEST_P(ImportKeyTest, HmacSha256KeySuccess) { string signature; MacMessage(message, &signature, KM_DIGEST_SHA_2_256, 32); VerifyMessage(message, signature, KM_DIGEST_SHA_2_256); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } typedef Keymaster1Test EncryptionOperationsTest; @@ -1305,6 +1580,9 @@ TEST_P(EncryptionOperationsTest, RsaOaepSuccess) { // OAEP randomizes padding so every result should be different. EXPECT_NE(ciphertext1, ciphertext2); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(3, GetParam()->keymaster0_calls()); } TEST_P(EncryptionOperationsTest, RsaOaepRoundTrip) { @@ -1316,6 +1594,9 @@ TEST_P(EncryptionOperationsTest, RsaOaepRoundTrip) { string plaintext = DecryptMessage(ciphertext, KM_PAD_RSA_OAEP); EXPECT_EQ(message, plaintext); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(4, GetParam()->keymaster0_calls()); } TEST_P(EncryptionOperationsTest, RsaOaepTooLarge) { @@ -1331,6 +1612,9 @@ TEST_P(EncryptionOperationsTest, RsaOaepTooLarge) { EXPECT_EQ(KM_ERROR_OK, UpdateOperation(message, &result, &input_consumed)); EXPECT_EQ(KM_ERROR_INVALID_INPUT_LENGTH, FinishOperation(&result)); EXPECT_EQ(0U, result.size()); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(2, GetParam()->keymaster0_calls()); } TEST_P(EncryptionOperationsTest, RsaOaepCorruptedDecrypt) { @@ -1351,6 +1635,9 @@ TEST_P(EncryptionOperationsTest, RsaOaepCorruptedDecrypt) { EXPECT_EQ(KM_ERROR_OK, UpdateOperation(ciphertext, &result, &input_consumed)); EXPECT_EQ(KM_ERROR_UNKNOWN_ERROR, FinishOperation(&result)); EXPECT_EQ(0U, result.size()); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(4, GetParam()->keymaster0_calls()); } TEST_P(EncryptionOperationsTest, RsaPkcs1Success) { @@ -1365,6 +1652,9 @@ TEST_P(EncryptionOperationsTest, RsaPkcs1Success) { // PKCS1 v1.5 randomizes padding so every result should be different. EXPECT_NE(ciphertext1, ciphertext2); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(3, GetParam()->keymaster0_calls()); } TEST_P(EncryptionOperationsTest, RsaPkcs1RoundTrip) { @@ -1376,6 +1666,9 @@ TEST_P(EncryptionOperationsTest, RsaPkcs1RoundTrip) { string plaintext = DecryptMessage(ciphertext, KM_PAD_RSA_PKCS1_1_5_ENCRYPT); EXPECT_EQ(message, plaintext); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(4, GetParam()->keymaster0_calls()); } TEST_P(EncryptionOperationsTest, RsaPkcs1TooLarge) { @@ -1391,6 +1684,9 @@ TEST_P(EncryptionOperationsTest, RsaPkcs1TooLarge) { EXPECT_EQ(KM_ERROR_OK, UpdateOperation(message, &result, &input_consumed)); EXPECT_EQ(KM_ERROR_INVALID_INPUT_LENGTH, FinishOperation(&result)); EXPECT_EQ(0U, result.size()); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(2, GetParam()->keymaster0_calls()); } TEST_P(EncryptionOperationsTest, RsaPkcs1CorruptedDecrypt) { @@ -1411,6 +1707,9 @@ TEST_P(EncryptionOperationsTest, RsaPkcs1CorruptedDecrypt) { EXPECT_EQ(KM_ERROR_OK, UpdateOperation(ciphertext, &result, &input_consumed)); EXPECT_EQ(KM_ERROR_UNKNOWN_ERROR, FinishOperation(&result)); EXPECT_EQ(0U, result.size()); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(4, GetParam()->keymaster0_calls()); } TEST_P(EncryptionOperationsTest, RsaEncryptWithSigningKey) { @@ -1420,6 +1719,9 @@ TEST_P(EncryptionOperationsTest, RsaEncryptWithSigningKey) { .Padding(KM_PAD_NONE))); ASSERT_EQ(KM_ERROR_INCOMPATIBLE_PURPOSE, BeginOperation(KM_PURPOSE_ENCRYPT)); ASSERT_EQ(KM_ERROR_INCOMPATIBLE_PURPOSE, BeginOperation(KM_PURPOSE_DECRYPT)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(3, GetParam()->keymaster0_calls()); } TEST_P(EncryptionOperationsTest, EcdsaEncrypt) { @@ -1427,6 +1729,9 @@ TEST_P(EncryptionOperationsTest, EcdsaEncrypt) { GenerateKey(AuthorizationSetBuilder().EcdsaSigningKey(224).Digest(KM_DIGEST_NONE))); ASSERT_EQ(KM_ERROR_INCOMPATIBLE_PURPOSE, BeginOperation(KM_PURPOSE_ENCRYPT)); ASSERT_EQ(KM_ERROR_INCOMPATIBLE_PURPOSE, BeginOperation(KM_PURPOSE_DECRYPT)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(EncryptionOperationsTest, HmacEncrypt) { @@ -1436,6 +1741,9 @@ TEST_P(EncryptionOperationsTest, HmacEncrypt) { AuthorizationSetBuilder().HmacKey(128).Digest(KM_DIGEST_NONE).Padding(KM_PAD_NONE))); ASSERT_EQ(KM_ERROR_INCOMPATIBLE_PURPOSE, BeginOperation(KM_PURPOSE_ENCRYPT)); ASSERT_EQ(KM_ERROR_INCOMPATIBLE_PURPOSE, BeginOperation(KM_PURPOSE_DECRYPT)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(EncryptionOperationsTest, AesEcbRoundTripSuccess) { @@ -1456,6 +1764,9 @@ TEST_P(EncryptionOperationsTest, AesEcbRoundTripSuccess) { string plaintext = DecryptMessage(ciphertext1, KM_MODE_ECB, KM_PAD_NONE); EXPECT_EQ(message, plaintext); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(EncryptionOperationsTest, AesEcbNoPaddingWrongInputSize) { @@ -1475,6 +1786,9 @@ TEST_P(EncryptionOperationsTest, AesEcbNoPaddingWrongInputSize) { EXPECT_EQ(KM_ERROR_OK, UpdateOperation(message, &ciphertext, &input_consumed)); EXPECT_EQ(message.size(), input_consumed); EXPECT_EQ(KM_ERROR_INVALID_INPUT_LENGTH, FinishOperation(&ciphertext)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(EncryptionOperationsTest, AesEcbPkcs7Padding) { @@ -1491,6 +1805,9 @@ TEST_P(EncryptionOperationsTest, AesEcbPkcs7Padding) { string plaintext = DecryptMessage(ciphertext, KM_MODE_ECB, KM_PAD_PKCS7); EXPECT_EQ(message, plaintext); } + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(EncryptionOperationsTest, AesEcbPkcs7PaddingCorrupted) { @@ -1514,6 +1831,9 @@ TEST_P(EncryptionOperationsTest, AesEcbPkcs7PaddingCorrupted) { EXPECT_EQ(KM_ERROR_OK, UpdateOperation(ciphertext, &plaintext, &input_consumed)); EXPECT_EQ(ciphertext.size(), input_consumed); EXPECT_EQ(KM_ERROR_INVALID_ARGUMENT, FinishOperation(&plaintext)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(EncryptionOperationsTest, AesCtrRoundTripSuccess) { @@ -1538,6 +1858,9 @@ TEST_P(EncryptionOperationsTest, AesCtrRoundTripSuccess) { string plaintext = DecryptMessage(ciphertext1, KM_MODE_CTR, KM_PAD_NONE, iv1); EXPECT_EQ(message, plaintext); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(EncryptionOperationsTest, AesCtrIncremental) { @@ -1577,6 +1900,9 @@ TEST_P(EncryptionOperationsTest, AesCtrIncremental) { EXPECT_EQ(KM_ERROR_OK, FinishOperation(&plaintext)); EXPECT_EQ(ciphertext.size(), plaintext.size()); EXPECT_EQ(message, plaintext); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } struct AesCtrSp80038aTestVector { @@ -1625,6 +1951,9 @@ TEST_P(EncryptionOperationsTest, AesCtrSp80038aTestVector) { const string ciphertext = hex2str(test.ciphertext); CheckAesCtrTestVector(key, nonce, plaintext, ciphertext); } + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(EncryptionOperationsTest, AesCtrInvalidPaddingMode) { @@ -1636,6 +1965,9 @@ TEST_P(EncryptionOperationsTest, AesCtrInvalidPaddingMode) { begin_params.push_back(TAG_BLOCK_MODE, KM_MODE_CTR); begin_params.push_back(TAG_PADDING, KM_PAD_NONE); EXPECT_EQ(KM_ERROR_INCOMPATIBLE_PADDING_MODE, BeginOperation(KM_PURPOSE_ENCRYPT, begin_params)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(EncryptionOperationsTest, AesCtrInvalidCallerNonce) { @@ -1650,6 +1982,9 @@ TEST_P(EncryptionOperationsTest, AesCtrInvalidCallerNonce) { input_params.push_back(TAG_PADDING, KM_PAD_NONE); input_params.push_back(TAG_NONCE, "123", 3); EXPECT_EQ(KM_ERROR_INVALID_NONCE, BeginOperation(KM_PURPOSE_ENCRYPT, input_params)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(EncryptionOperationsTest, AesCbcRoundTripSuccess) { @@ -1673,6 +2008,9 @@ TEST_P(EncryptionOperationsTest, AesCbcRoundTripSuccess) { string plaintext = DecryptMessage(ciphertext1, KM_MODE_CBC, KM_PAD_NONE, iv1); EXPECT_EQ(message, plaintext); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(EncryptionOperationsTest, AesCallerNonce) { @@ -1714,6 +2052,9 @@ TEST_P(EncryptionOperationsTest, AesCallerNonce) { plaintext = ProcessMessage(KM_PURPOSE_DECRYPT, ciphertext2, input_params, update_params, &output_params); EXPECT_NE(message, plaintext); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(EncryptionOperationsTest, AesCallerNonceProhibited) { @@ -1742,6 +2083,9 @@ TEST_P(EncryptionOperationsTest, AesCallerNonceProhibited) { EXPECT_EQ(KM_ERROR_CALLER_NONCE_PROHIBITED, BeginOperation(KM_PURPOSE_ENCRYPT, input_params, &output_params)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(EncryptionOperationsTest, AesCbcIncrementalNoPadding) { @@ -1781,6 +2125,9 @@ TEST_P(EncryptionOperationsTest, AesCbcIncrementalNoPadding) { EXPECT_EQ(KM_ERROR_OK, FinishOperation(&plaintext)); EXPECT_EQ(ciphertext.size(), plaintext.size()); EXPECT_EQ(message, plaintext); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } TEST_P(EncryptionOperationsTest, AesCbcPkcs7Padding) { @@ -1798,6 +2145,9 @@ TEST_P(EncryptionOperationsTest, AesCbcPkcs7Padding) { string plaintext = DecryptMessage(ciphertext, KM_MODE_CBC, KM_PAD_PKCS7, iv); EXPECT_EQ(message, plaintext); } + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } typedef Keymaster1Test AddEntropyTest; @@ -1808,6 +2158,51 @@ TEST_P(AddEntropyTest, AddEntropy) { // doesn't blow up or return an error. EXPECT_EQ(KM_ERROR_OK, device()->add_rng_entropy(device(), reinterpret_cast<const uint8_t*>("foo"), 3)); + + if (GetParam()->expect_keymaster0_calls()) + EXPECT_EQ(0, GetParam()->keymaster0_calls()); +} + +typedef Keymaster1Test Keymaster0AdapterTest; +INSTANTIATE_TEST_CASE_P( + AndroidKeymasterTest, Keymaster0AdapterTest, + ::testing::Values(InstanceCreatorPtr(new Keymaster0AdapterTestInstanceCreator))); + +TEST_P(Keymaster0AdapterTest, OldSoftwareKeymaster1Blob) { + // Load and use an old-style Keymaster1 software key blob. These blobs contain OCB-encrypted + // key data. + string km1_sw = read_file("km1_sw_rsa_512.blob"); + EXPECT_EQ(486U, km1_sw.length()); + + uint8_t* key_data = reinterpret_cast<uint8_t*>(malloc(km1_sw.length())); + memcpy(key_data, km1_sw.data(), km1_sw.length()); + set_key_blob(key_data, km1_sw.length()); + + string message(64, 'a'); + string signature; + SignMessage(message, &signature, KM_DIGEST_NONE, KM_PAD_NONE); + + EXPECT_EQ(0, GetParam()->keymaster0_calls()); +} + +struct Malloc_Delete { + void operator()(void* p) { free(p); } +}; + +TEST_P(Keymaster0AdapterTest, OldSoftwareKeymaster0Blob) { + // Load and use an old softkeymaster blob. These blobs contain PKCS#8 key data. + string km0_sw = read_file("km0_sw_rsa_512.blob"); + EXPECT_EQ(333U, km0_sw.length()); + + uint8_t* key_data = reinterpret_cast<uint8_t*>(malloc(km0_sw.length())); + memcpy(key_data, km0_sw.data(), km0_sw.length()); + set_key_blob(key_data, km0_sw.length()); + + string message(64, 'a'); + string signature; + SignMessage(message, &signature, KM_DIGEST_NONE, KM_PAD_NONE); + + EXPECT_EQ(0, GetParam()->keymaster0_calls()); } } // namespace test |