diff options
author | Shawn Willden <swillden@google.com> | 2015-05-16 09:20:59 -0600 |
---|---|---|
committer | Shawn Willden <swillden@google.com> | 2015-05-18 09:08:14 -0600 |
commit | b6837e7a62a1192e33beef586282812239ee8b28 (patch) | |
tree | 751bb1c86c25e4c3b86324218bbafd84565fc20b /android_keymaster_test_utils.cpp | |
parent | 67380a948d80ce62455b1ec9ed8283e3349498c6 (diff) | |
download | keymaster-b6837e7a62a1192e33beef586282812239ee8b28.tar.gz |
Remove references to Google in Android keymaster reference implementation.
Change-Id: I05de61353fc806b90232fab7c1d1cf76aefa35fc
Diffstat (limited to 'android_keymaster_test_utils.cpp')
-rw-r--r-- | android_keymaster_test_utils.cpp | 596 |
1 files changed, 596 insertions, 0 deletions
diff --git a/android_keymaster_test_utils.cpp b/android_keymaster_test_utils.cpp new file mode 100644 index 0000000..591e8d7 --- /dev/null +++ b/android_keymaster_test_utils.cpp @@ -0,0 +1,596 @@ +/* + * Copyright 2014 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "android_keymaster_test_utils.h" + +#include <algorithm> + +#include <openssl/rand.h> + +#include <keymaster/android_keymaster_messages.h> +#include <keymaster/android_keymaster_utils.h> + +using std::is_permutation; +using std::ostream; +using std::string; +using std::vector; + +std::ostream& operator<<(std::ostream& os, const keymaster_key_param_t& param) { + os << "Tag: " << keymaster_tag_mask_type(param.tag); + switch (keymaster_tag_get_type(param.tag)) { + case KM_INVALID: + os << " Invalid"; + break; + case KM_INT_REP: + os << " (Rep)"; + /* Falls through */ + case KM_INT: + os << " Int: " << param.integer; + break; + case KM_ENUM_REP: + os << " (Rep)"; + /* Falls through */ + case KM_ENUM: + os << " Enum: " << param.enumerated; + break; + case KM_LONG_REP: + os << " (Rep)"; + /* Falls through */ + case KM_LONG: + os << " Long: " << param.long_integer; + break; + case KM_DATE: + os << " Date: " << param.date_time; + break; + case KM_BOOL: + os << " Bool: " << param.boolean; + break; + case KM_BIGNUM: + os << " Bignum: "; + break; + case KM_BYTES: + os << " Bytes: "; + break; + } + return os; +} + +bool operator==(const keymaster_key_param_t& a, const keymaster_key_param_t& b) { + if (a.tag != b.tag) { + return false; + } + + switch (keymaster_tag_get_type(a.tag)) { + case KM_INVALID: + return true; + case KM_INT_REP: + case KM_INT: + return a.integer == b.integer; + case KM_ENUM_REP: + case KM_ENUM: + return a.enumerated == b.enumerated; + case KM_LONG: + case KM_LONG_REP: + return a.long_integer == b.long_integer; + case KM_DATE: + return a.date_time == b.date_time; + case KM_BOOL: + return a.boolean == b.boolean; + case KM_BIGNUM: + case KM_BYTES: + if ((a.blob.data == NULL || b.blob.data == NULL) && a.blob.data != b.blob.data) + return false; + return a.blob.data_length == b.blob.data_length && + (memcmp(a.blob.data, b.blob.data, a.blob.data_length) == 0); + } + + return false; +} + +static char hex_value[256] = { + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 0, 0, 0, 0, 0, // '0'..'9' + 0, 10, 11, 12, 13, 14, 15, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 'A'..'F' + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 10, 11, 12, 13, 14, 15, 0, + 0, 0, 0, 0, 0, 0, 0, 0, // 'a'..'f' + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; + +string hex2str(string a) { + string b; + size_t num = a.size() / 2; + b.resize(num); + for (size_t i = 0; i < num; i++) { + b[i] = (hex_value[a[i * 2] & 0xFF] << 4) + (hex_value[a[i * 2 + 1] & 0xFF]); + } + return b; +} + +namespace keymaster { + +bool operator==(const AuthorizationSet& a, const AuthorizationSet& b) { + if (a.size() != b.size()) + return false; + + for (size_t i = 0; i < a.size(); ++i) + if (!(a[i] == b[i])) + return false; + return true; +} + +bool operator!=(const AuthorizationSet& a, const AuthorizationSet& b) { + return !(a == b); +} + +std::ostream& operator<<(std::ostream& os, const AuthorizationSet& set) { + if (set.size() == 0) + os << "(Empty)" << std::endl; + for (size_t i = 0; i < set.size(); ++i) { + os << set[i] << std::endl; + } + return os; +} + +namespace test { + +Keymaster1Test::Keymaster1Test() + : device_(NULL), op_handle_(OP_HANDLE_SENTINEL), characteristics_(NULL) { + blob_.key_material = NULL; + RAND_seed("foobar", 6); + blob_.key_material = 0; +} + +Keymaster1Test::~Keymaster1Test() { + FreeCharacteristics(); + FreeKeyBlob(); + device_->common.close(reinterpret_cast<hw_device_t*>(device_)); +} + +keymaster1_device_t* Keymaster1Test::device() { + return device_; +} + +keymaster_error_t Keymaster1Test::GenerateKey(const AuthorizationSetBuilder& builder) { + AuthorizationSet params(builder.build()); + params.push_back(UserAuthParams()); + params.push_back(ClientParams()); + + FreeKeyBlob(); + FreeCharacteristics(); + return device()->generate_key(device(), params.data(), params.size(), &blob_, + &characteristics_); +} + +keymaster_error_t Keymaster1Test::ImportKey(const AuthorizationSetBuilder& builder, + keymaster_key_format_t format, + const string& key_material) { + AuthorizationSet params(builder.build()); + params.push_back(UserAuthParams()); + params.push_back(ClientParams()); + + FreeKeyBlob(); + FreeCharacteristics(); + return device()->import_key(device(), params.data(), params.size(), format, + reinterpret_cast<const uint8_t*>(key_material.c_str()), + key_material.length(), &blob_, &characteristics_); +} + +AuthorizationSet Keymaster1Test::UserAuthParams() { + AuthorizationSet set; + set.push_back(TAG_USER_ID, 7); + set.push_back(TAG_USER_AUTH_TYPE, HW_AUTH_PASSWORD); + set.push_back(TAG_AUTH_TIMEOUT, 300); + return set; +} + +AuthorizationSet Keymaster1Test::ClientParams() { + AuthorizationSet set; + set.push_back(TAG_APPLICATION_ID, "app_id", 6); + return set; +} + +keymaster_error_t Keymaster1Test::BeginOperation(keymaster_purpose_t purpose) { + keymaster_key_param_t* out_params = NULL; + size_t out_params_count = 0; + keymaster_error_t error = + device()->begin(device(), purpose, &blob_, client_params_, array_length(client_params_), + &out_params, &out_params_count, &op_handle_); + EXPECT_EQ(0U, out_params_count); + EXPECT_TRUE(out_params == NULL); + return error; +} + +keymaster_error_t Keymaster1Test::BeginOperation(keymaster_purpose_t purpose, + const AuthorizationSet& input_set, + AuthorizationSet* output_set) { + keymaster_key_param_t* out_params; + size_t out_params_count; + keymaster_error_t error = + device()->begin(device(), purpose, &blob_, input_set.data(), input_set.size(), &out_params, + &out_params_count, &op_handle_); + if (error == KM_ERROR_OK) { + if (output_set) { + output_set->Reinitialize(out_params, out_params_count); + } else { + EXPECT_EQ(0U, out_params_count); + EXPECT_TRUE(out_params == NULL); + } + keymaster_free_param_values(out_params, out_params_count); + free(out_params); + } + return error; +} + +keymaster_error_t Keymaster1Test::UpdateOperation(const string& message, string* output, + size_t* input_consumed) { + uint8_t* out_tmp = NULL; + size_t out_length; + EXPECT_NE(op_handle_, OP_HANDLE_SENTINEL); + keymaster_error_t error = + device()->update(device(), op_handle_, NULL /* params */, 0 /* params_count */, + reinterpret_cast<const uint8_t*>(message.c_str()), message.length(), + input_consumed, &out_tmp, &out_length); + if (error == KM_ERROR_OK && out_tmp) + output->append(reinterpret_cast<char*>(out_tmp), out_length); + free(out_tmp); + return error; +} + +keymaster_error_t Keymaster1Test::UpdateOperation(const AuthorizationSet& additional_params, + const string& message, string* output, + size_t* input_consumed) { + uint8_t* out_tmp = NULL; + size_t out_length; + EXPECT_NE(op_handle_, OP_HANDLE_SENTINEL); + keymaster_error_t error = + device()->update(device(), op_handle_, additional_params.data(), additional_params.size(), + reinterpret_cast<const uint8_t*>(message.c_str()), message.length(), + input_consumed, &out_tmp, &out_length); + if (error == KM_ERROR_OK && out_tmp) + output->append(reinterpret_cast<char*>(out_tmp), out_length); + free(out_tmp); + return error; +} + +keymaster_error_t Keymaster1Test::FinishOperation(string* output) { + return FinishOperation("", output); +} + +keymaster_error_t Keymaster1Test::FinishOperation(const string& signature, string* output) { + AuthorizationSet additional_params; + return FinishOperation(additional_params, signature, output); +} + +keymaster_error_t Keymaster1Test::FinishOperation(const AuthorizationSet& additional_params, + const string& signature, string* output) { + uint8_t* out_tmp = NULL; + size_t out_length; + keymaster_error_t error = + device()->finish(device(), op_handle_, additional_params.data(), additional_params.size(), + reinterpret_cast<const uint8_t*>(signature.c_str()), signature.length(), + &out_tmp, &out_length); + if (out_tmp) + output->append(reinterpret_cast<char*>(out_tmp), out_length); + free(out_tmp); + return error; +} + +keymaster_error_t Keymaster1Test::AbortOperation() { + return device()->abort(device(), op_handle_); +} + +string Keymaster1Test::ProcessMessage(keymaster_purpose_t purpose, const string& message) { + EXPECT_EQ(KM_ERROR_OK, BeginOperation(purpose, client_params(), NULL /* output_params */)); + + string result; + size_t input_consumed; + EXPECT_EQ(KM_ERROR_OK, UpdateOperation(message, &result, &input_consumed)); + EXPECT_EQ(message.size(), input_consumed); + EXPECT_EQ(KM_ERROR_OK, FinishOperation(&result)); + return result; +} + +string Keymaster1Test::ProcessMessage(keymaster_purpose_t purpose, const string& message, + const AuthorizationSet& begin_params, + const AuthorizationSet& update_params, + AuthorizationSet* output_params) { + EXPECT_EQ(KM_ERROR_OK, BeginOperation(purpose, begin_params, output_params)); + + string result; + size_t input_consumed; + EXPECT_EQ(KM_ERROR_OK, UpdateOperation(update_params, message, &result, &input_consumed)); + EXPECT_EQ(message.size(), input_consumed); + EXPECT_EQ(KM_ERROR_OK, FinishOperation(update_params, "", &result)); + return result; +} + +string Keymaster1Test::ProcessMessage(keymaster_purpose_t purpose, const string& message, + const string& signature, const AuthorizationSet& begin_params, + const AuthorizationSet& update_params, + AuthorizationSet* output_params) { + EXPECT_EQ(KM_ERROR_OK, BeginOperation(purpose, begin_params, output_params)); + + string result; + size_t input_consumed; + EXPECT_EQ(KM_ERROR_OK, UpdateOperation(update_params, message, &result, &input_consumed)); + EXPECT_EQ(message.size(), input_consumed); + EXPECT_EQ(KM_ERROR_OK, FinishOperation(update_params, signature, &result)); + return result; +} + +string Keymaster1Test::ProcessMessage(keymaster_purpose_t purpose, const string& message, + const string& signature) { + EXPECT_EQ(KM_ERROR_OK, BeginOperation(purpose, client_params(), NULL /* output_params */)); + + string result; + size_t input_consumed; + EXPECT_EQ(KM_ERROR_OK, UpdateOperation(message, &result, &input_consumed)); + EXPECT_EQ(message.size(), input_consumed); + EXPECT_EQ(KM_ERROR_OK, FinishOperation(signature, &result)); + return result; +} + +void Keymaster1Test::SignMessage(const string& message, string* signature, + keymaster_digest_t digest) { + SCOPED_TRACE("SignMessage"); + AuthorizationSet input_params(AuthorizationSet(client_params_, array_length(client_params_))); + input_params.push_back(TAG_DIGEST, digest); + AuthorizationSet update_params; + AuthorizationSet output_params; + *signature = + ProcessMessage(KM_PURPOSE_SIGN, message, input_params, update_params, &output_params); + EXPECT_GT(signature->size(), 0U); +} + +void Keymaster1Test::SignMessage(const string& message, string* signature, + keymaster_digest_t digest, keymaster_padding_t padding) { + SCOPED_TRACE("SignMessage"); + AuthorizationSet input_params(AuthorizationSet(client_params_, array_length(client_params_))); + input_params.push_back(TAG_DIGEST, digest); + input_params.push_back(TAG_PADDING, padding); + AuthorizationSet update_params; + AuthorizationSet output_params; + *signature = + ProcessMessage(KM_PURPOSE_SIGN, message, input_params, update_params, &output_params); + EXPECT_GT(signature->size(), 0U); +} + +void Keymaster1Test::MacMessage(const string& message, string* signature, keymaster_digest_t digest, + size_t mac_length) { + SCOPED_TRACE("SignMessage"); + AuthorizationSet input_params(AuthorizationSet(client_params_, array_length(client_params_))); + input_params.push_back(TAG_MAC_LENGTH, mac_length); + input_params.push_back(TAG_DIGEST, digest); + AuthorizationSet update_params; + AuthorizationSet output_params; + *signature = + ProcessMessage(KM_PURPOSE_SIGN, message, input_params, update_params, &output_params); + EXPECT_GT(signature->size(), 0U); +} + +void Keymaster1Test::VerifyMessage(const string& message, const string& signature, + keymaster_digest_t digest) { + SCOPED_TRACE("VerifyMessage"); + AuthorizationSet input_params(client_params()); + input_params.push_back(TAG_DIGEST, digest); + AuthorizationSet update_params; + AuthorizationSet output_params; + ProcessMessage(KM_PURPOSE_VERIFY, message, signature, input_params, update_params, + &output_params); +} + +void Keymaster1Test::VerifyMessage(const string& message, const string& signature, + keymaster_digest_t digest, keymaster_padding_t padding) { + SCOPED_TRACE("VerifyMessage"); + AuthorizationSet input_params(client_params()); + input_params.push_back(TAG_DIGEST, digest); + input_params.push_back(TAG_PADDING, padding); + AuthorizationSet update_params; + AuthorizationSet output_params; + ProcessMessage(KM_PURPOSE_VERIFY, message, signature, input_params, update_params, + &output_params); +} + +string Keymaster1Test::EncryptMessage(const string& message, keymaster_padding_t padding, + string* generated_nonce) { + AuthorizationSet update_params; + return EncryptMessage(update_params, message, padding, generated_nonce); +} + +string Keymaster1Test::EncryptMessage(const string& message, keymaster_block_mode_t block_mode, + keymaster_padding_t padding, string* generated_nonce) { + AuthorizationSet update_params; + return EncryptMessage(update_params, message, block_mode, padding, generated_nonce); +} + +string Keymaster1Test::EncryptMessage(const AuthorizationSet& update_params, const string& message, + keymaster_padding_t padding, string* generated_nonce) { + SCOPED_TRACE("EncryptMessage"); + AuthorizationSet begin_params(client_params()), output_params; + begin_params.push_back(TAG_PADDING, padding); + string ciphertext = + ProcessMessage(KM_PURPOSE_ENCRYPT, message, begin_params, update_params, &output_params); + if (generated_nonce) { + keymaster_blob_t nonce_blob; + EXPECT_TRUE(output_params.GetTagValue(TAG_NONCE, &nonce_blob)); + *generated_nonce = make_string(nonce_blob.data, nonce_blob.data_length); + } else { + EXPECT_EQ(-1, output_params.find(TAG_NONCE)); + } + return ciphertext; +} + +string Keymaster1Test::EncryptMessage(const AuthorizationSet& update_params, const string& message, + keymaster_block_mode_t block_mode, + keymaster_padding_t padding, string* generated_nonce) { + SCOPED_TRACE("EncryptMessage"); + AuthorizationSet begin_params(client_params()), output_params; + begin_params.push_back(TAG_PADDING, padding); + begin_params.push_back(TAG_BLOCK_MODE, block_mode); + string ciphertext = + ProcessMessage(KM_PURPOSE_ENCRYPT, message, begin_params, update_params, &output_params); + if (generated_nonce) { + keymaster_blob_t nonce_blob; + EXPECT_TRUE(output_params.GetTagValue(TAG_NONCE, &nonce_blob)); + *generated_nonce = make_string(nonce_blob.data, nonce_blob.data_length); + } else { + EXPECT_EQ(-1, output_params.find(TAG_NONCE)); + } + return ciphertext; +} + +string Keymaster1Test::EncryptMessageWithParams(const string& message, + const AuthorizationSet& begin_params, + const AuthorizationSet& update_params, + AuthorizationSet* output_params) { + SCOPED_TRACE("EncryptMessageWithParams"); + return ProcessMessage(KM_PURPOSE_ENCRYPT, message, begin_params, update_params, output_params); +} + +string Keymaster1Test::DecryptMessage(const string& ciphertext, keymaster_padding_t padding) { + SCOPED_TRACE("DecryptMessage"); + AuthorizationSet begin_params(client_params()); + begin_params.push_back(TAG_PADDING, padding); + AuthorizationSet update_params; + return ProcessMessage(KM_PURPOSE_DECRYPT, ciphertext, begin_params, update_params); +} + +string Keymaster1Test::DecryptMessage(const string& ciphertext, keymaster_block_mode_t block_mode, + keymaster_padding_t padding) { + SCOPED_TRACE("DecryptMessage"); + AuthorizationSet begin_params(client_params()); + begin_params.push_back(TAG_PADDING, padding); + begin_params.push_back(TAG_BLOCK_MODE, block_mode); + AuthorizationSet update_params; + return ProcessMessage(KM_PURPOSE_DECRYPT, ciphertext, begin_params, update_params); +} + +string Keymaster1Test::DecryptMessage(const string& ciphertext, keymaster_padding_t padding, + const string& nonce) { + SCOPED_TRACE("DecryptMessage"); + AuthorizationSet begin_params(client_params()); + begin_params.push_back(TAG_PADDING, padding); + begin_params.push_back(TAG_NONCE, nonce.data(), nonce.size()); + AuthorizationSet update_params; + return ProcessMessage(KM_PURPOSE_DECRYPT, ciphertext, begin_params, update_params); +} + +string Keymaster1Test::DecryptMessage(const string& ciphertext, keymaster_block_mode_t block_mode, + keymaster_padding_t padding, const string& nonce) { + SCOPED_TRACE("DecryptMessage"); + AuthorizationSet begin_params(client_params()); + begin_params.push_back(TAG_PADDING, padding); + begin_params.push_back(TAG_BLOCK_MODE, block_mode); + begin_params.push_back(TAG_NONCE, nonce.data(), nonce.size()); + AuthorizationSet update_params; + return ProcessMessage(KM_PURPOSE_DECRYPT, ciphertext, begin_params, update_params); +} + +string Keymaster1Test::DecryptMessage(const AuthorizationSet& update_params, + const string& ciphertext, keymaster_padding_t padding, + const string& nonce) { + SCOPED_TRACE("DecryptMessage"); + AuthorizationSet begin_params(client_params()); + begin_params.push_back(TAG_PADDING, padding); + begin_params.push_back(TAG_NONCE, nonce.data(), nonce.size()); + return ProcessMessage(KM_PURPOSE_DECRYPT, ciphertext, begin_params, update_params); +} + +keymaster_error_t Keymaster1Test::GetCharacteristics() { + FreeCharacteristics(); + return device()->get_key_characteristics(device(), &blob_, &client_id_, NULL /* app_data */, + &characteristics_); +} + +keymaster_error_t Keymaster1Test::ExportKey(keymaster_key_format_t format, string* export_data) { + uint8_t* export_data_tmp; + size_t export_data_length; + + keymaster_error_t error = + device()->export_key(device(), format, &blob_, &client_id_, NULL /* app_data */, + &export_data_tmp, &export_data_length); + + if (error != KM_ERROR_OK) + return error; + + *export_data = string(reinterpret_cast<char*>(export_data_tmp), export_data_length); + free(export_data_tmp); + return error; +} + +void Keymaster1Test::CheckHmacTestVector(string key, string message, keymaster_digest_t digest, + string expected_mac) { + ASSERT_EQ(KM_ERROR_OK, + ImportKey(AuthorizationSetBuilder().HmacKey(key.size() * 8).Digest(digest), + KM_KEY_FORMAT_RAW, key)); + string signature; + MacMessage(message, &signature, digest, expected_mac.size() * 8); + EXPECT_EQ(expected_mac, signature) << "Test vector didn't match for digest " << (int)digest; +} + +void Keymaster1Test::CheckAesCtrTestVector(const string& key, const string& nonce, + const string& message, + const string& expected_ciphertext) { + ASSERT_EQ(KM_ERROR_OK, ImportKey(AuthorizationSetBuilder() + .AesEncryptionKey(key.size() * 8) + .Authorization(TAG_BLOCK_MODE, KM_MODE_CTR) + .Authorization(TAG_CALLER_NONCE) + .Padding(KM_PAD_NONE), + KM_KEY_FORMAT_RAW, key)); + + AuthorizationSet begin_params(client_params()), update_params, output_params; + begin_params.push_back(TAG_NONCE, nonce.data(), nonce.size()); + begin_params.push_back(TAG_BLOCK_MODE, KM_MODE_CTR); + begin_params.push_back(TAG_PADDING, KM_PAD_NONE); + string ciphertext = + EncryptMessageWithParams(message, begin_params, update_params, &output_params); + EXPECT_EQ(expected_ciphertext, ciphertext); +} + +AuthorizationSet Keymaster1Test::hw_enforced() { + EXPECT_TRUE(characteristics_ != NULL); + return AuthorizationSet(characteristics_->hw_enforced); +} + +AuthorizationSet Keymaster1Test::sw_enforced() { + EXPECT_TRUE(characteristics_ != NULL); + return AuthorizationSet(characteristics_->sw_enforced); +} + +void Keymaster1Test::FreeCharacteristics() { + keymaster_free_characteristics(characteristics_); + free(characteristics_); + characteristics_ = NULL; +} + +void Keymaster1Test::FreeKeyBlob() { + free(const_cast<uint8_t*>(blob_.key_material)); + blob_.key_material = NULL; +} + +void Keymaster1Test::corrupt_key_blob() { + assert(blob_.key_material); + uint8_t* tmp = const_cast<uint8_t*>(blob_.key_material); + ++tmp[blob_.key_material_size / 2]; +} + +} // namespace test +} // namespace keymaster |