diff options
| author | David Drysdale <drysdale@google.com> | 2021-05-20 12:05:26 +0100 |
|---|---|---|
| committer | David Drysdale <drysdale@google.com> | 2021-06-07 17:27:36 +0100 |
| commit | 96ad2036b29bc13a133be3683649cf7c4256c0d0 (patch) | |
| tree | 6a7d264786dabcd4e3d352f5c0310bd9c90c21bd /security/keymint/aidl/vts/functional/KeyMintTest.cpp | |
| parent | 09c9ab7c9a2bc4b2ecb21728be9e186827775847 (diff) | |
KeyMint VTS: test getKeyCharacteristics()
Bug: 186685601
Bug: 188855306
Test: VtsAidlKeyMintTargetTest
Merged-In: Icf400533b0ded98b9338f2d782d95d90c7efbff4
Change-Id: Icf400533b0ded98b9338f2d782d95d90c7efbff4
Ignore-AOSP-First: already merged in aosp/master
Diffstat (limited to 'security/keymint/aidl/vts/functional/KeyMintTest.cpp')
| -rw-r--r-- | security/keymint/aidl/vts/functional/KeyMintTest.cpp | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/security/keymint/aidl/vts/functional/KeyMintTest.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp index 8b1eb30959..5dcfcaaa63 100644 --- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp +++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp @@ -560,6 +560,7 @@ TEST_P(NewKeyGenerationTest, Aes) { EXPECT_GT(key_blob.size(), 0U); CheckSymmetricParams(key_characteristics); + CheckCharacteristics(key_blob, key_characteristics); AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics); @@ -742,6 +743,7 @@ TEST_P(NewKeyGenerationTest, TripleDes) { EXPECT_GT(key_blob.size(), 0U); CheckSymmetricParams(key_characteristics); + CheckCharacteristics(key_blob, key_characteristics); AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics); @@ -788,6 +790,7 @@ TEST_P(NewKeyGenerationTest, TripleDesWithAttestation) { EXPECT_GT(key_blob.size(), 0U); CheckSymmetricParams(key_characteristics); + CheckCharacteristics(key_blob, key_characteristics); AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics); @@ -865,6 +868,7 @@ TEST_P(NewKeyGenerationTest, Rsa) { ASSERT_GT(key_blob.size(), 0U); CheckBaseParams(key_characteristics); + CheckCharacteristics(key_blob, key_characteristics); AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics); @@ -911,6 +915,7 @@ TEST_P(NewKeyGenerationTest, RsaWithAttestation) { ASSERT_GT(key_blob.size(), 0U); CheckBaseParams(key_characteristics); + CheckCharacteristics(key_blob, key_characteristics); AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics); @@ -978,6 +983,7 @@ TEST_P(NewKeyGenerationTest, RsaWithRpkAttestation) { ASSERT_GT(key_blob.size(), 0U); CheckBaseParams(key_characteristics); + CheckCharacteristics(key_blob, key_characteristics); AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics); @@ -1108,6 +1114,7 @@ TEST_P(NewKeyGenerationTest, RsaWithSelfSign) { ASSERT_GT(key_blob.size(), 0U); CheckBaseParams(key_characteristics); + CheckCharacteristics(key_blob, key_characteristics); AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics); @@ -1176,6 +1183,7 @@ TEST_P(NewKeyGenerationTest, RsaWithAttestationAppIdIgnored) { ASSERT_GT(key_blob.size(), 0U); CheckBaseParams(key_characteristics); + CheckCharacteristics(key_blob, key_characteristics); AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics); @@ -1211,6 +1219,7 @@ TEST_P(NewKeyGenerationTest, LimitedUsageRsa) { ASSERT_GT(key_blob.size(), 0U); CheckBaseParams(key_characteristics); + CheckCharacteristics(key_blob, key_characteristics); AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics); @@ -1266,6 +1275,7 @@ TEST_P(NewKeyGenerationTest, LimitedUsageRsaWithAttestation) { ASSERT_GT(key_blob.size(), 0U); CheckBaseParams(key_characteristics); + CheckCharacteristics(key_blob, key_characteristics); AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics); @@ -1362,6 +1372,7 @@ TEST_P(NewKeyGenerationTest, Ecdsa) { &key_blob, &key_characteristics)); ASSERT_GT(key_blob.size(), 0U); CheckBaseParams(key_characteristics); + CheckCharacteristics(key_blob, key_characteristics); AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics); @@ -1405,6 +1416,7 @@ TEST_P(NewKeyGenerationTest, EcdsaAttestation) { &key_blob, &key_characteristics)); ASSERT_GT(key_blob.size(), 0U); CheckBaseParams(key_characteristics); + CheckCharacteristics(key_blob, key_characteristics); AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics); @@ -1452,6 +1464,7 @@ TEST_P(NewKeyGenerationTest, EcdsaSelfSignAttestation) { &key_blob, &key_characteristics)); ASSERT_GT(key_blob.size(), 0U); CheckBaseParams(key_characteristics); + CheckCharacteristics(key_blob, key_characteristics); AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics); @@ -1511,6 +1524,7 @@ TEST_P(NewKeyGenerationTest, EcdsaIgnoreAppId) { ASSERT_GT(key_blob.size(), 0U); CheckBaseParams(key_characteristics); + CheckCharacteristics(key_blob, key_characteristics); AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics); @@ -1555,6 +1569,7 @@ TEST_P(NewKeyGenerationTest, AttestationApplicationIDLengthProperlyEncoded) { &key_blob, &key_characteristics)); ASSERT_GT(key_blob.size(), 0U); CheckBaseParams(key_characteristics); + CheckCharacteristics(key_blob, key_characteristics); AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics); @@ -1594,6 +1609,7 @@ TEST_P(NewKeyGenerationTest, LimitedUsageEcdsa) { ASSERT_GT(key_blob.size(), 0U); CheckBaseParams(key_characteristics); + CheckCharacteristics(key_blob, key_characteristics); AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics); @@ -1726,6 +1742,7 @@ TEST_P(NewKeyGenerationTest, Hmac) { ASSERT_GT(key_blob.size(), 0U); CheckBaseParams(key_characteristics); + CheckCharacteristics(key_blob, key_characteristics); AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics); EXPECT_TRUE(crypto_params.Contains(TAG_ALGORITHM, Algorithm::HMAC)); @@ -1761,6 +1778,7 @@ TEST_P(NewKeyGenerationTest, HmacNoAttestation) { ASSERT_GT(key_blob.size(), 0U); ASSERT_EQ(cert_chain_.size(), 0); CheckBaseParams(key_characteristics); + CheckCharacteristics(key_blob, key_characteristics); AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics); EXPECT_TRUE(crypto_params.Contains(TAG_ALGORITHM, Algorithm::HMAC)); @@ -1791,6 +1809,7 @@ TEST_P(NewKeyGenerationTest, LimitedUsageHmac) { ASSERT_GT(key_blob.size(), 0U); CheckBaseParams(key_characteristics); + CheckCharacteristics(key_blob, key_characteristics); AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics); EXPECT_TRUE(crypto_params.Contains(TAG_ALGORITHM, Algorithm::HMAC)); @@ -2044,6 +2063,9 @@ TEST_P(SigningOperationsTest, RsaUseRequiresCorrectAppIdAppData) { .Authorization(TAG_APPLICATION_ID, "clientid") .Authorization(TAG_APPLICATION_DATA, "appdata") .SetDefaultValidity())); + + CheckAppIdCharacteristics(key_blob_, "clientid", "appdata", key_characteristics_); + EXPECT_EQ(ErrorCode::INVALID_KEY_BLOB, Begin(KeyPurpose::SIGN, AuthorizationSetBuilder().Digest(Digest::NONE).Padding(PaddingMode::NONE))); @@ -2558,6 +2580,9 @@ TEST_P(SigningOperationsTest, EcUseRequiresCorrectAppIdAppData) { .Authorization(TAG_APPLICATION_ID, "clientid") .Authorization(TAG_APPLICATION_DATA, "appdata") .SetDefaultValidity())); + + CheckAppIdCharacteristics(key_blob_, "clientid", "appdata", key_characteristics_); + EXPECT_EQ(ErrorCode::INVALID_KEY_BLOB, Begin(KeyPurpose::SIGN, AuthorizationSetBuilder().Digest(Digest::NONE))); AbortIfNeeded(); |