diff options
| author | Shawn Willden <swillden@google.com> | 2016-03-16 08:32:39 -0600 |
|---|---|---|
| committer | Shawn Willden <swillden@google.com> | 2016-03-25 12:34:28 -0600 |
| commit | 47d2616439c134502d9ee87a3d4bda065e3d5324 (patch) | |
| tree | 0bd03943d152b24c2399dc788699803358264026 | |
| parent | 3976b6c43e2809662940d52306e03b2733112d05 (diff) | |
| download | security-47d2616439c134502d9ee87a3d4bda065e3d5324.tar.gz | |
Fix AuthTokenTable tests.
The local unit test bit-rotted. This fixes it.
Change-Id: I37c8dbd894b69f3a48aefdd4f71339c45d571f6b
| -rw-r--r-- | keystore/tests/Android.mk | 8 | ||||
| -rw-r--r-- | keystore/tests/Makefile | 16 | ||||
| -rw-r--r-- | keystore/tests/auth_token_table_test.cpp | 166 | ||||
| -rw-r--r-- | keystore/tests/gtest_main.cpp | 21 |
4 files changed, 131 insertions, 80 deletions
diff --git a/keystore/tests/Android.mk b/keystore/tests/Android.mk index be8c426c..8126c949 100644 --- a/keystore/tests/Android.mk +++ b/keystore/tests/Android.mk @@ -22,10 +22,12 @@ ifeq ($(USE_32_BIT_KEYSTORE), true) LOCAL_MULTILIB := 32 endif LOCAL_CFLAGS := -Wall -Wextra -Werror -LOCAL_SRC_FILES := auth_token_table_test.cpp -LOCAL_MODULE := auth_token_table_test +LOCAL_SRC_FILES := \ + auth_token_table_test.cpp +LOCAL_MODULE := keystore_unit_tests +LOCAL_MODULE_TAGS := test LOCAL_C_INCLUDES := $(LOCAL_PATH)/include -LOCAL_STATIC_LIBRARIES := libgtest_main libkeystore_test +LOCAL_STATIC_LIBRARIES := libgtest_main libkeystore_test liblog LOCAL_SHARED_LIBRARIES := libkeymaster_messages LOCAL_ADDITIONAL_DEPENDENCIES := $(LOCAL_PATH)/Android.mk include $(BUILD_NATIVE_TEST) diff --git a/keystore/tests/Makefile b/keystore/tests/Makefile index 5c1117f6..2720b0f8 100644 --- a/keystore/tests/Makefile +++ b/keystore/tests/Makefile @@ -31,7 +31,7 @@ else COMPILER_SPECIFIC_ARGS=-std=c++0x -fprofile-arcs endif -CPPFLAGS=$(INCLUDES) -g -O0 -MD +CPPFLAGS=$(INCLUDES) -g -O0 -MD -DHOST_BUILD CXXFLAGS=-Wall -Werror -Wno-unused -Winit-self -Wpointer-arith -Wunused-parameter \ -Werror=sign-compare -Wmissing-declarations -ftest-coverage -fno-permissive \ -Wno-deprecated-declarations -fno-exceptions -DKEYMASTER_NAME_TAGS \ @@ -46,7 +46,14 @@ LDLIBS=-lpthread -lstdc++ -lgcov # file here (not headers). CPPSRCS=\ ../auth_token_table.cpp \ - auth_token_table_test.cpp + auth_token_table_test.cpp \ + gtest_main.cpp \ + $(KEYMASTER)/authorization_set.cpp \ + $(KEYMASTER)/keymaster_tags.cpp \ + $(KEYMASTER)/logger.cpp \ + $(KEYMASTER)/serializable.cpp + +CCSRCS=$(GTEST)/src/gtest-all.cc # This list of binaries determes what gets built and run. Add each new test binary here. BINARIES=\ @@ -60,10 +67,13 @@ BINARIES=\ run: $(BINARIES:=.run) +GTEST_OBJS = $(GTEST)/src/gtest-all.o gtest_main.o + auth_token_table_test: auth_token_table_test.o \ ../auth_token_table.o \ - $(GTEST)/src/gtest-all.o \ + $(GTEST_OBJS) \ $(KEYMASTER)/authorization_set.o \ + $(KEYMASTER)/keymaster_tags.o \ $(KEYMASTER)/logger.o \ $(KEYMASTER)/serializable.o diff --git a/keystore/tests/auth_token_table_test.cpp b/keystore/tests/auth_token_table_test.cpp index b1c0f493..1b31cf51 100644 --- a/keystore/tests/auth_token_table_test.cpp +++ b/keystore/tests/auth_token_table_test.cpp @@ -23,11 +23,6 @@ using std::vector; -int main(int argc, char** argv) { - ::testing::InitGoogleTest(&argc, argv); - int result = RUN_ALL_TESTS(); -} - inline bool operator==(const hw_auth_token_t& a, const hw_auth_token_t& b) { return (memcmp(&a, &b, sizeof(a)) == 0); } @@ -109,24 +104,24 @@ TEST(AuthTokenTableTest, SimpleAddAndFindTokens) { const hw_auth_token_t* found; - ASSERT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(1), 0, &found)); + ASSERT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(1), KM_PURPOSE_SIGN, 0, &found)); EXPECT_EQ(1U, found->user_id); EXPECT_EQ(2U, found->authenticator_id); - ASSERT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(2), 0, &found)); + ASSERT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(2), KM_PURPOSE_SIGN, 0, &found)); EXPECT_EQ(1U, found->user_id); EXPECT_EQ(2U, found->authenticator_id); - ASSERT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(3), 0, &found)); + ASSERT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(3), KM_PURPOSE_SIGN, 0, &found)); EXPECT_EQ(3U, found->user_id); EXPECT_EQ(4U, found->authenticator_id); - ASSERT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(4), 0, &found)); + ASSERT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(4), KM_PURPOSE_SIGN, 0, &found)); EXPECT_EQ(3U, found->user_id); EXPECT_EQ(4U, found->authenticator_id); ASSERT_EQ(AuthTokenTable::AUTH_TOKEN_NOT_FOUND, - table.FindAuthorization(make_set(5), 0, &found)); + table.FindAuthorization(make_set(5), KM_PURPOSE_SIGN, 0, &found)); } TEST(AuthTokenTableTest, FlushTable) { @@ -140,9 +135,9 @@ TEST(AuthTokenTableTest, FlushTable) { // All three should be in the table. EXPECT_EQ(3U, table.size()); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(1), 0, &found)); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(2), 0, &found)); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(3), 0, &found)); + EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(1), KM_PURPOSE_SIGN, 0, &found)); + EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(2), KM_PURPOSE_SIGN, 0, &found)); + EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(3), KM_PURPOSE_SIGN, 0, &found)); table.Clear(); EXPECT_EQ(0U, table.size()); @@ -159,32 +154,32 @@ TEST(AuthTokenTableTest, TableOverflow) { // All three should be in the table. EXPECT_EQ(3U, table.size()); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(1), 0, &found)); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(2), 0, &found)); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(3), 0, &found)); + EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(1), KM_PURPOSE_SIGN, 0, &found)); + EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(2), KM_PURPOSE_SIGN, 0, &found)); + EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(3), KM_PURPOSE_SIGN, 0, &found)); table.AddAuthenticationToken(make_token(4)); // Oldest should be gone. EXPECT_EQ(3U, table.size()); EXPECT_EQ(AuthTokenTable::AUTH_TOKEN_NOT_FOUND, - table.FindAuthorization(make_set(1), 0, &found)); + table.FindAuthorization(make_set(1), KM_PURPOSE_SIGN, 0, &found)); // Others should be there, including the new one (4). Search for it first, then the others, so // 4 becomes the least recently used. - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(4), 0, &found)); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(2), 0, &found)); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(3), 0, &found)); + EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(4), KM_PURPOSE_SIGN, 0, &found)); + EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(2), KM_PURPOSE_SIGN, 0, &found)); + EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(3), KM_PURPOSE_SIGN, 0, &found)); table.AddAuthenticationToken(make_token(5)); // 5 should have replaced 4. EXPECT_EQ(3U, table.size()); EXPECT_EQ(AuthTokenTable::AUTH_TOKEN_NOT_FOUND, - table.FindAuthorization(make_set(4), 0, &found)); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(2), 0, &found)); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(5), 0, &found)); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(3), 0, &found)); + table.FindAuthorization(make_set(4), KM_PURPOSE_SIGN, 0, &found)); + EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(2), KM_PURPOSE_SIGN, 0, &found)); + EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(5), KM_PURPOSE_SIGN, 0, &found)); + EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(3), KM_PURPOSE_SIGN, 0, &found)); table.AddAuthenticationToken(make_token(6)); table.AddAuthenticationToken(make_token(7)); @@ -192,12 +187,12 @@ TEST(AuthTokenTableTest, TableOverflow) { // 2 and 5 should be gone EXPECT_EQ(3U, table.size()); EXPECT_EQ(AuthTokenTable::AUTH_TOKEN_NOT_FOUND, - table.FindAuthorization(make_set(2), 0, &found)); + table.FindAuthorization(make_set(2), KM_PURPOSE_SIGN, 0, &found)); EXPECT_EQ(AuthTokenTable::AUTH_TOKEN_NOT_FOUND, - table.FindAuthorization(make_set(5), 0, &found)); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(6), 0, &found)); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(7), 0, &found)); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(3), 0, &found)); + table.FindAuthorization(make_set(5), KM_PURPOSE_SIGN, 0, &found)); + EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(6), KM_PURPOSE_SIGN, 0, &found)); + EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(7), KM_PURPOSE_SIGN, 0, &found)); + EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(3), KM_PURPOSE_SIGN, 0, &found)); table.AddAuthenticationToken(make_token(8)); table.AddAuthenticationToken(make_token(9)); @@ -206,22 +201,23 @@ TEST(AuthTokenTableTest, TableOverflow) { // Only the three most recent should be there. EXPECT_EQ(3U, table.size()); EXPECT_EQ(AuthTokenTable::AUTH_TOKEN_NOT_FOUND, - table.FindAuthorization(make_set(1), 0, &found)); + table.FindAuthorization(make_set(1), KM_PURPOSE_SIGN, 0, &found)); EXPECT_EQ(AuthTokenTable::AUTH_TOKEN_NOT_FOUND, - table.FindAuthorization(make_set(2), 0, &found)); + table.FindAuthorization(make_set(2), KM_PURPOSE_SIGN, 0, &found)); EXPECT_EQ(AuthTokenTable::AUTH_TOKEN_NOT_FOUND, - table.FindAuthorization(make_set(3), 0, &found)); + table.FindAuthorization(make_set(3), KM_PURPOSE_SIGN, 0, &found)); EXPECT_EQ(AuthTokenTable::AUTH_TOKEN_NOT_FOUND, - table.FindAuthorization(make_set(4), 0, &found)); + table.FindAuthorization(make_set(4), KM_PURPOSE_SIGN, 0, &found)); EXPECT_EQ(AuthTokenTable::AUTH_TOKEN_NOT_FOUND, - table.FindAuthorization(make_set(5), 0, &found)); + table.FindAuthorization(make_set(5), KM_PURPOSE_SIGN, 0, &found)); EXPECT_EQ(AuthTokenTable::AUTH_TOKEN_NOT_FOUND, - table.FindAuthorization(make_set(6), 0, &found)); + table.FindAuthorization(make_set(6), KM_PURPOSE_SIGN, 0, &found)); EXPECT_EQ(AuthTokenTable::AUTH_TOKEN_NOT_FOUND, - table.FindAuthorization(make_set(7), 0, &found)); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(8), 0, &found)); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(9), 0, &found)); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(10), 0, &found)); + table.FindAuthorization(make_set(7), KM_PURPOSE_SIGN, 0, &found)); + EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(8), KM_PURPOSE_SIGN, 0, &found)); + EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(9), KM_PURPOSE_SIGN, 0, &found)); + EXPECT_EQ(AuthTokenTable::OK, + table.FindAuthorization(make_set(10), KM_PURPOSE_SIGN, 0, &found)); } TEST(AuthTokenTableTest, AuthenticationNotRequired) { @@ -229,8 +225,9 @@ TEST(AuthTokenTableTest, AuthenticationNotRequired) { const hw_auth_token_t* found; EXPECT_EQ(AuthTokenTable::AUTH_NOT_REQUIRED, - table.FindAuthorization(AuthorizationSetBuilder().Authorization(TAG_NO_AUTH_REQUIRED), - 0 /* no challenge */, &found)); + table.FindAuthorization( + AuthorizationSetBuilder().Authorization(TAG_NO_AUTH_REQUIRED).build(), + KM_PURPOSE_SIGN, 0 /* no challenge */, &found)); } TEST(AuthTokenTableTest, OperationHandleNotFound) { @@ -239,14 +236,15 @@ TEST(AuthTokenTableTest, OperationHandleNotFound) { table.AddAuthenticationToken(make_token(1, 0, 1, 5)); EXPECT_EQ(AuthTokenTable::AUTH_TOKEN_NOT_FOUND, - table.FindAuthorization(make_set(1, 0 /* no timeout */), + table.FindAuthorization(make_set(1, 0 /* no timeout */), KM_PURPOSE_SIGN, 2 /* non-matching challenge */, &found)); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(1, 0 /* no timeout */), - 1 /* matching challenge */, &found)); + EXPECT_EQ(AuthTokenTable::OK, + table.FindAuthorization(make_set(1, 0 /* no timeout */), KM_PURPOSE_SIGN, + 1 /* matching challenge */, &found)); table.MarkCompleted(1); - EXPECT_EQ( - AuthTokenTable::AUTH_TOKEN_NOT_FOUND, - table.FindAuthorization(make_set(1, 0 /* no timeout */), 1 /* used challenge */, &found)); + EXPECT_EQ(AuthTokenTable::AUTH_TOKEN_NOT_FOUND, + table.FindAuthorization(make_set(1, 0 /* no timeout */), KM_PURPOSE_SIGN, + 1 /* used challenge */, &found)); } TEST(AuthTokenTableTest, OperationHandleRequired) { @@ -254,9 +252,9 @@ TEST(AuthTokenTableTest, OperationHandleRequired) { const hw_auth_token_t* found; table.AddAuthenticationToken(make_token(1)); - EXPECT_EQ( - AuthTokenTable::OP_HANDLE_REQUIRED, - table.FindAuthorization(make_set(1, 0 /* no timeout */), 0 /* no op handle */, &found)); + EXPECT_EQ(AuthTokenTable::OP_HANDLE_REQUIRED, + table.FindAuthorization(make_set(1, 0 /* no timeout */), KM_PURPOSE_SIGN, + 0 /* no op handle */, &found)); } TEST(AuthTokenTableTest, AuthSidChanged) { @@ -265,7 +263,8 @@ TEST(AuthTokenTableTest, AuthSidChanged) { table.AddAuthenticationToken(make_token(1, 3, /* op handle */ 1)); EXPECT_EQ(AuthTokenTable::AUTH_TOKEN_WRONG_SID, - table.FindAuthorization(make_set(2, 0 /* no timeout */), 1 /* op handle */, &found)); + table.FindAuthorization(make_set(2, 0 /* no timeout */), KM_PURPOSE_SIGN, + 1 /* op handle */, &found)); } TEST(AuthTokenTableTest, TokenExpired) { @@ -281,13 +280,18 @@ TEST(AuthTokenTableTest, TokenExpired) { // expired. An additional check of the secure timestamp (in the token) will be made by // keymaster when the found token is passed to it. table.AddAuthenticationToken(make_token(1, 0)); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(key_info, 0 /* no op handle */, &found)); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(key_info, 0 /* no op handle */, &found)); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(key_info, 0 /* no op handle */, &found)); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(key_info, 0 /* no op handle */, &found)); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(key_info, 0 /* no op handle */, &found)); + EXPECT_EQ(AuthTokenTable::OK, + table.FindAuthorization(key_info, KM_PURPOSE_SIGN, 0 /* no op handle */, &found)); + EXPECT_EQ(AuthTokenTable::OK, + table.FindAuthorization(key_info, KM_PURPOSE_SIGN, 0 /* no op handle */, &found)); + EXPECT_EQ(AuthTokenTable::OK, + table.FindAuthorization(key_info, KM_PURPOSE_SIGN, 0 /* no op handle */, &found)); + EXPECT_EQ(AuthTokenTable::OK, + table.FindAuthorization(key_info, KM_PURPOSE_SIGN, 0 /* no op handle */, &found)); + EXPECT_EQ(AuthTokenTable::OK, + table.FindAuthorization(key_info, KM_PURPOSE_SIGN, 0 /* no op handle */, &found)); EXPECT_EQ(AuthTokenTable::AUTH_TOKEN_EXPIRED, - table.FindAuthorization(key_info, 0 /* no op handle */, &found)); + table.FindAuthorization(key_info, KM_PURPOSE_SIGN, 0 /* no op handle */, &found)); } TEST(AuthTokenTableTest, MarkNonexistentEntryCompleted) { @@ -305,7 +309,7 @@ TEST(AuthTokenTableTest, SupersededEntries) { table.AddAuthenticationToken(make_token(1, 0, 0, 0)); table.AddAuthenticationToken(make_token(1, 0, 0, 1)); EXPECT_EQ(1U, table.size()); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(1), 0, &found)); + EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(1), KM_PURPOSE_SIGN, 0, &found)); EXPECT_EQ(1U, ntoh(found->timestamp)); // Add a third token, this with a different RSID. It should not be superseded. @@ -316,9 +320,9 @@ TEST(AuthTokenTableTest, SupersededEntries) { table.AddAuthenticationToken(make_token(1, 0, 0, 3)); table.AddAuthenticationToken(make_token(2, 0, 0, 4)); EXPECT_EQ(2U, table.size()); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(1), 0, &found)); + EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(1), KM_PURPOSE_SIGN, 0, &found)); EXPECT_EQ(3U, ntoh(found->timestamp)); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(2), 0, &found)); + EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(2), KM_PURPOSE_SIGN, 0, &found)); EXPECT_EQ(4U, ntoh(found->timestamp)); // Add another, this one with a challenge value. It should supersede the old one since it is @@ -334,10 +338,12 @@ TEST(AuthTokenTableTest, SupersededEntries) { // Should be able to find each of them, by specifying their challenge, with a key that is not // timed (timed keys don't care about challenges). EXPECT_EQ(AuthTokenTable::OK, - table.FindAuthorization(make_set(1, 0 /* no timeout*/), 1 /* challenge */, &found)); + table.FindAuthorization(make_set(1, 0 /* no timeout*/), KM_PURPOSE_SIGN, + 1 /* challenge */, &found)); EXPECT_EQ(5U, ntoh(found->timestamp)); EXPECT_EQ(AuthTokenTable::OK, - table.FindAuthorization(make_set(1, 0 /* no timeout */), 2 /* challenge */, &found)); + table.FindAuthorization(make_set(1, 0 /* no timeout */), KM_PURPOSE_SIGN, + 2 /* challenge */, &found)); EXPECT_EQ(6U, ntoh(found->timestamp)); // Add another, without a challenge, and the same timestamp as the last one. This new one @@ -345,7 +351,8 @@ TEST(AuthTokenTableTest, SupersededEntries) { // since it seems unlikely to occur in practice. table.AddAuthenticationToken(make_token(1, 0, 0, 6)); EXPECT_EQ(4U, table.size()); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(1), 0 /* challenge */, &found)); + EXPECT_EQ(AuthTokenTable::OK, + table.FindAuthorization(make_set(1), KM_PURPOSE_SIGN, 0 /* challenge */, &found)); EXPECT_EQ(6U, ntoh(found->timestamp)); // Add another without a challenge but an increased timestamp. This should supersede the @@ -353,9 +360,11 @@ TEST(AuthTokenTableTest, SupersededEntries) { table.AddAuthenticationToken(make_token(1, 0, 0, 7)); EXPECT_EQ(4U, table.size()); EXPECT_EQ(AuthTokenTable::OK, - table.FindAuthorization(make_set(1, 0 /* no timeout */), 2 /* challenge */, &found)); + table.FindAuthorization(make_set(1, 0 /* no timeout */), KM_PURPOSE_SIGN, + 2 /* challenge */, &found)); EXPECT_EQ(6U, ntoh(found->timestamp)); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(1), 0 /* challenge */, &found)); + EXPECT_EQ(AuthTokenTable::OK, + table.FindAuthorization(make_set(1), KM_PURPOSE_SIGN, 0 /* challenge */, &found)); EXPECT_EQ(7U, ntoh(found->timestamp)); // Mark the entry with challenge 2 as complete. Since there's a newer challenge-free entry, the @@ -363,8 +372,10 @@ TEST(AuthTokenTableTest, SupersededEntries) { table.MarkCompleted(2); EXPECT_EQ(3U, table.size()); EXPECT_EQ(AuthTokenTable::AUTH_TOKEN_NOT_FOUND, - table.FindAuthorization(make_set(1, 0 /* no timeout */), 2 /* challenge */, &found)); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(1), 0 /* challenge */, &found)); + table.FindAuthorization(make_set(1, 0 /* no timeout */), KM_PURPOSE_SIGN, + 2 /* challenge */, &found)); + EXPECT_EQ(AuthTokenTable::OK, + table.FindAuthorization(make_set(1), KM_PURPOSE_SIGN, 0 /* challenge */, &found)); EXPECT_EQ(7U, ntoh(found->timestamp)); // Add another SID 1 entry with a challenge. It supersedes the previous SID 1 entry with @@ -373,15 +384,18 @@ TEST(AuthTokenTableTest, SupersededEntries) { EXPECT_EQ(3U, table.size()); EXPECT_EQ(AuthTokenTable::OK, - table.FindAuthorization(make_set(1, 0 /* no timeout */), 1 /* challenge */, &found)); + table.FindAuthorization(make_set(1, 0 /* no timeout */), KM_PURPOSE_SIGN, + 1 /* challenge */, &found)); EXPECT_EQ(5U, ntoh(found->timestamp)); EXPECT_EQ(AuthTokenTable::OK, - table.FindAuthorization(make_set(1, 0 /* no timeout */), 3 /* challenge */, &found)); + table.FindAuthorization(make_set(1, 0 /* no timeout */), KM_PURPOSE_SIGN, + 3 /* challenge */, &found)); EXPECT_EQ(8U, ntoh(found->timestamp)); // SID 2 entry is still there. - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(2), 0 /* challenge */, &found)); + EXPECT_EQ(AuthTokenTable::OK, + table.FindAuthorization(make_set(2), KM_PURPOSE_SIGN, 0 /* challenge */, &found)); EXPECT_EQ(4U, ntoh(found->timestamp)); // Mark the entry with challenge 3 as complete. Since the older challenge 1 entry is @@ -390,10 +404,12 @@ TEST(AuthTokenTableTest, SupersededEntries) { EXPECT_EQ(3U, table.size()); EXPECT_EQ(AuthTokenTable::OK, - table.FindAuthorization(make_set(1, 0 /* no timeout */), 1 /* challenge */, &found)); + table.FindAuthorization(make_set(1, 0 /* no timeout */), KM_PURPOSE_SIGN, + 1 /* challenge */, &found)); EXPECT_EQ(5U, ntoh(found->timestamp)); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(1), 0 /* challenge */, &found)); + EXPECT_EQ(AuthTokenTable::OK, + table.FindAuthorization(make_set(1), KM_PURPOSE_SIGN, 0 /* challenge */, &found)); EXPECT_EQ(8U, ntoh(found->timestamp)); // Mark the entry with challenge 1 as complete. Since there's a newer one (with challenge 3, @@ -401,8 +417,10 @@ TEST(AuthTokenTableTest, SupersededEntries) { table.MarkCompleted(1); EXPECT_EQ(2U, table.size()); EXPECT_EQ(AuthTokenTable::AUTH_TOKEN_NOT_FOUND, - table.FindAuthorization(make_set(1, 0 /* no timeout */), 1 /* challenge */, &found)); - EXPECT_EQ(AuthTokenTable::OK, table.FindAuthorization(make_set(1), 0 /* challenge */, &found)); + table.FindAuthorization(make_set(1, 0 /* no timeout */), KM_PURPOSE_SIGN, + 1 /* challenge */, &found)); + EXPECT_EQ(AuthTokenTable::OK, + table.FindAuthorization(make_set(1), KM_PURPOSE_SIGN, 0 /* challenge */, &found)); EXPECT_EQ(8U, ntoh(found->timestamp)); } diff --git a/keystore/tests/gtest_main.cpp b/keystore/tests/gtest_main.cpp new file mode 100644 index 00000000..4db0ec82 --- /dev/null +++ b/keystore/tests/gtest_main.cpp @@ -0,0 +1,21 @@ +/* + * Copyright (C) 2015 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <gtest/gtest.h> +int main(int argc, char** argv) { + ::testing::InitGoogleTest(&argc, argv); + return RUN_ALL_TESTS(); +} |