author | David Drysdale <drysdale@google.com> | 2021-10-14 13:21:19 +0000 |
---|---|---|
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2021-10-14 13:21:19 +0000 |
commit | acb264c779344548b2900b903588d4b23339ac8f (patch) | |
tree | 7855accbd65534c5ac2fb204db26df8d675ff40d /security/keymint/aidl/vts/functional/KeyMintTest.cpp | |
parent | 0e50f5a36aae7cf2550b5cc6771b6d6dd6a417fa (diff) | |
parent | f76f26186263e6f1d8fff3cf4017a3af91417dc8 (diff) |
Merge "KeyMint VTS: use GTEST_SKIP for optional fn" am: c8520ad895 am: dfce78b011 am: 61180078f2 am: 4ceb5911a3 am: f76f261862
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1853955
Change-Id: Id3b3d344e9648c7c4d884f82dafe68927df1c602
Diffstat (limited to 'security/keymint/aidl/vts/functional/KeyMintTest.cpp')
-rw-r--r-- | security/keymint/aidl/vts/functional/KeyMintTest.cpp | 191 |
1 files changed, 112 insertions, 79 deletions
diff --git a/security/keymint/aidl/vts/functional/KeyMintTest.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
index d8db5c7d1c..0f9d69a200 100644
--- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
@@ -1840,7 +1840,9 @@ TEST_P(NewKeyGenerationTest, EcdsaInvalidSize) {
 * INVALID_ARGUMENT.
 */
 TEST_P(NewKeyGenerationTest, EcdsaMismatchKeySize) {
- if (SecLevel() == SecurityLevel::STRONGBOX) return;
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to StrongBox device";
+ }
 auto result = GenerateKey(AuthorizationSetBuilder()
 .Authorization(TAG_ALGORITHM, Algorithm::EC)
@@ -2067,7 +2069,9 @@ TEST_P(NewKeyGenerationTest, HmacCheckMinMacLengths) {
 * Verifies that keymint rejects HMAC key generation with multiple specified digest algorithms.
 */
 TEST_P(NewKeyGenerationTest, HmacMultipleDigests) {
- if (SecLevel() == SecurityLevel::STRONGBOX) return;
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to StrongBox device";
+ }
 ASSERT_EQ(ErrorCode::UNSUPPORTED_DIGEST, GenerateKey(AuthorizationSetBuilder()
@@ -2291,7 +2295,9 @@ TEST_P(SigningOperationsTest, RsaPaddingNoneDoesNotAllowOther) {
 * presented.
 */
 TEST_P(SigningOperationsTest, NoUserConfirmation) {
- if (SecLevel() == SecurityLevel::STRONGBOX) return;
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to StrongBox device";
+ }
 ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
 .RsaSigningKey(1024, 65537)
 .Digest(Digest::NONE)
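Review bot: The skip text `"Test not applicable to StrongBox device"` is identical in every StrongBox guard this commit touches, starting with EcdsaMismatchKeySize here, so a SKIPPED line in a VTS report does not say which StrongBox limitation is the reason. Where the hunk itself shows a likely cause, the message could name it, for example in RsaPssSha512TooSmallKey, which generates a 1024-bit RSA key: `GTEST_SKIP() << "Test not applicable to StrongBox device (1024-bit RSA key)";` and in Ecdsa521Success, which imports `EcCurve::P_521`. That is an inference from the visible key parameters; for tests such as HmacMultipleDigests or the usage-count tests the reason is not visible in the hunk and is worth stating in a comment above the guard.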
@@ -2381,7 +2387,9 @@ TEST_P(SigningOperationsTest, RsaPkcs1NoDigestTooLong) {
 * for a 1024-bit key.
 */
 TEST_P(SigningOperationsTest, RsaPssSha512TooSmallKey) {
- if (SecLevel() == SecurityLevel::STRONGBOX) return;
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to StrongBox device";
+ }
 ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
 .RsaSigningKey(1024, 65537)
 .Digest(Digest::SHA_2_512)
@@ -3200,7 +3208,9 @@ TEST_P(ImportKeyTest, EcdsaP256SEC1Success) {
 * Verifies that importing and using an ECDSA P-521 key pair works correctly.
 */
 TEST_P(ImportKeyTest, Ecdsa521Success) {
- if (SecLevel() == SecurityLevel::STRONGBOX) return;
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to StrongBox device";
+ }
 ASSERT_EQ(ErrorCode::OK, ImportKey(AuthorizationSetBuilder()
 .Authorization(TAG_NO_AUTH_REQUIRED)
 .EcdsaSigningKey(EcCurve::P_521)
@@ -3909,7 +3919,9 @@ TEST_P(EncryptionOperationsTest, RsaOaepInvalidPadding) {
 * with a different digest than was used to encrypt.
 */
 TEST_P(EncryptionOperationsTest, RsaOaepDecryptWithWrongDigest) {
- if (SecLevel() == SecurityLevel::STRONGBOX) return;
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to StrongBox device";
+ }
 ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
 .Authorization(TAG_NO_AUTH_REQUIRED)
@@ -5823,7 +5835,9 @@ typedef KeyMintAidlTestBase MaxOperationsTest;
 * Verifies that the max uses per boot tag works correctly with AES keys.
 */
 TEST_P(MaxOperationsTest, TestLimitAes) {
- if (SecLevel() == SecurityLevel::STRONGBOX) return;
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to StrongBox device";
+ }
 ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
 .Authorization(TAG_NO_AUTH_REQUIRED)
@@ -5850,7 +5864,9 @@ TEST_P(MaxOperationsTest, TestLimitAes) {
 * Verifies that the max uses per boot tag works correctly with RSA keys.
 */
 TEST_P(MaxOperationsTest, TestLimitRsa) {
- if (SecLevel() == SecurityLevel::STRONGBOX) return;
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to StrongBox device";
+ }
 ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
 .Authorization(TAG_NO_AUTH_REQUIRED)
@@ -5881,7 +5897,9 @@ typedef KeyMintAidlTestBase UsageCountLimitTest;
 * Verifies that the usage count limit tag = 1 works correctly with AES keys.
 */
 TEST_P(UsageCountLimitTest, TestSingleUseAes) {
- if (SecLevel() == SecurityLevel::STRONGBOX) return;
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to StrongBox device";
+ }
 ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
 .Authorization(TAG_NO_AUTH_REQUIRED)
@@ -5925,7 +5943,9 @@ TEST_P(UsageCountLimitTest, TestSingleUseAes) {
 * Verifies that the usage count limit tag > 1 works correctly with AES keys.
 */
 TEST_P(UsageCountLimitTest, TestLimitedUseAes) {
- if (SecLevel() == SecurityLevel::STRONGBOX) return;
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to StrongBox device";
+ }
 ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
 .Authorization(TAG_NO_AUTH_REQUIRED)
@@ -5970,7 +5990,9 @@ TEST_P(UsageCountLimitTest, TestLimitedUseAes) {
 * Verifies that the usage count limit tag = 1 works correctly with RSA keys.
 */
 TEST_P(UsageCountLimitTest, TestSingleUseRsa) {
- if (SecLevel() == SecurityLevel::STRONGBOX) return;
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to StrongBox device";
+ }
 ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
 .Authorization(TAG_NO_AUTH_REQUIRED)
@@ -6014,7 +6036,9 @@ TEST_P(UsageCountLimitTest, TestSingleUseRsa) {
 * Verifies that the usage count limit tag > 1 works correctly with RSA keys.
 */
 TEST_P(UsageCountLimitTest, TestLimitUseRsa) {
- if (SecLevel() == SecurityLevel::STRONGBOX) return;
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to StrongBox device";
+ }
 ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
 .Authorization(TAG_NO_AUTH_REQUIRED)
@@ -6061,7 +6085,9 @@ TEST_P(UsageCountLimitTest, TestLimitUseRsa) {
 * in hardware.
 */
 TEST_P(UsageCountLimitTest, TestSingleUseKeyAndRollbackResistance) {
- if (SecLevel() == SecurityLevel::STRONGBOX) return;
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to StrongBox device";
+ }
 auto error = GenerateKey(AuthorizationSetBuilder()
 .RsaSigningKey(2048, 65537)
@@ -6070,38 +6096,39 @@ TEST_P(UsageCountLimitTest, TestSingleUseKeyAndRollbackResistance) {
 .Authorization(TAG_NO_AUTH_REQUIRED)
 .Authorization(TAG_ROLLBACK_RESISTANCE)
 .SetDefaultValidity());
- ASSERT_TRUE(error == ErrorCode::ROLLBACK_RESISTANCE_UNAVAILABLE || error == ErrorCode::OK);
+ if (error == ErrorCode::ROLLBACK_RESISTANCE_UNAVAILABLE) {
+ GTEST_SKIP() << "Rollback resistance not supported";
+ }
- if (error == ErrorCode::OK) {
- // Rollback resistance is supported by KeyMint, verify it is enforced in hardware.
- AuthorizationSet hardwareEnforced(SecLevelAuthorizations());
- ASSERT_TRUE(hardwareEnforced.Contains(TAG_ROLLBACK_RESISTANCE));
- ASSERT_EQ(ErrorCode::OK, DeleteKey());
+ // Rollback resistance is supported by KeyMint, verify it is enforced in hardware.
+ ASSERT_EQ(ErrorCode::OK, error);
+ AuthorizationSet hardwareEnforced(SecLevelAuthorizations());
+ ASSERT_TRUE(hardwareEnforced.Contains(TAG_ROLLBACK_RESISTANCE));
+ ASSERT_EQ(ErrorCode::OK, DeleteKey());
- // The KeyMint should also enforce single use key in hardware when it supports rollback
- // resistance.
- ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
- .Authorization(TAG_NO_AUTH_REQUIRED)
- .RsaSigningKey(1024, 65537)
- .NoDigestOrPadding()
- .Authorization(TAG_USAGE_COUNT_LIMIT, 1)
- .SetDefaultValidity()));
+ // The KeyMint should also enforce single use key in hardware when it supports rollback
+ // resistance.
+ ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .RsaSigningKey(1024, 65537)
+ .NoDigestOrPadding()
+ .Authorization(TAG_USAGE_COUNT_LIMIT, 1)
+ .SetDefaultValidity()));
- // Check the usage count limit tag appears in the hardware authorizations.
- AuthorizationSet hardware_auths = HwEnforcedAuthorizations(key_characteristics_);
- EXPECT_TRUE(hardware_auths.Contains(TAG_USAGE_COUNT_LIMIT, 1U))
- << "key usage count limit " << 1U << " missing";
+ // Check the usage count limit tag appears in the hardware authorizations.
+ AuthorizationSet hardware_auths = HwEnforcedAuthorizations(key_characteristics_);
+ EXPECT_TRUE(hardware_auths.Contains(TAG_USAGE_COUNT_LIMIT, 1U))
+ << "key usage count limit " << 1U << " missing";
- string message = "1234567890123456";
- auto params = AuthorizationSetBuilder().NoDigestOrPadding();
+ string message = "1234567890123456";
+ auto params = AuthorizationSetBuilder().NoDigestOrPadding();
- // First usage of RSA key should work.
- SignMessage(message, params);
+ // First usage of RSA key should work.
+ SignMessage(message, params);
- // Usage count limit tag is enforced by hardware. After using the key, the key blob
- // must be invalidated from secure storage (such as RPMB partition).
- EXPECT_EQ(ErrorCode::INVALID_KEY_BLOB, Begin(KeyPurpose::SIGN, params));
- }
+ // Usage count limit tag is enforced by hardware. After using the key, the key blob
+ // must be invalidated from secure storage (such as RPMB partition).
+ EXPECT_EQ(ErrorCode::INVALID_KEY_BLOB, Begin(KeyPurpose::SIGN, params));
 }
 INSTANTIATE_KEYMINT_AIDL_TEST(UsageCountLimitTest);
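Review bot: The new `ASSERT_EQ(ErrorCode::OK, error);` in TestSingleUseKeyAndRollbackResistance sits directly under the comment about verifying hardware enforcement, but what it actually rejects is any GenerateKey result other than OK once ROLLBACK_RESISTANCE_UNAVAILABLE has been skipped. On failure it prints only the two enum values, so a streamed message would make the VTS log self-explanatory: `ASSERT_EQ(ErrorCode::OK, error) << "GenerateKey with TAG_ROLLBACK_RESISTANCE must return OK or ROLLBACK_RESISTANCE_UNAVAILABLE";`. The same bare assertion is added in the DeleteKey, DeleteInvalidKey and DeleteAllKeys hunks. The GenerateKey call this depends on starts above the hunk.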
@@ -6178,24 +6205,25 @@ TEST_P(KeyDeletionTest, DeleteKey) {
 .Authorization(TAG_NO_AUTH_REQUIRED)
 .Authorization(TAG_ROLLBACK_RESISTANCE)
 .SetDefaultValidity());
- ASSERT_TRUE(error == ErrorCode::ROLLBACK_RESISTANCE_UNAVAILABLE || error == ErrorCode::OK);
+ if (error == ErrorCode::ROLLBACK_RESISTANCE_UNAVAILABLE) {
+ GTEST_SKIP() << "Rollback resistance not supported";
+ }
 // Delete must work if rollback protection is implemented
- if (error == ErrorCode::OK) {
- AuthorizationSet hardwareEnforced(SecLevelAuthorizations());
- ASSERT_TRUE(hardwareEnforced.Contains(TAG_ROLLBACK_RESISTANCE));
+ ASSERT_EQ(ErrorCode::OK, error);
+ AuthorizationSet hardwareEnforced(SecLevelAuthorizations());
+ ASSERT_TRUE(hardwareEnforced.Contains(TAG_ROLLBACK_RESISTANCE));
- ASSERT_EQ(ErrorCode::OK, DeleteKey(true /* keep key blob */));
+ ASSERT_EQ(ErrorCode::OK, DeleteKey(true /* keep key blob */));
- string message = "12345678901234567890123456789012";
- AuthorizationSet begin_out_params;
- EXPECT_EQ(ErrorCode::INVALID_KEY_BLOB,
- Begin(KeyPurpose::SIGN, key_blob_,
- AuthorizationSetBuilder().Digest(Digest::NONE).Padding(PaddingMode::NONE),
- &begin_out_params));
- AbortIfNeeded();
- key_blob_ = AidlBuf();
- }
+ string message = "12345678901234567890123456789012";
+ AuthorizationSet begin_out_params;
+ EXPECT_EQ(ErrorCode::INVALID_KEY_BLOB,
+ Begin(KeyPurpose::SIGN, key_blob_,
+ AuthorizationSetBuilder().Digest(Digest::NONE).Padding(PaddingMode::NONE),
+ &begin_out_params));
+ AbortIfNeeded();
+ key_blob_ = AidlBuf();
 }
 /**
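Review bot: `string message = "12345678901234567890123456789012";` in DeleteKey is carried onto the new side, but nothing between its declaration and the closing brace reads it; `Begin` is called with `key_blob_`, the parameter set and `&begin_out_params` only. Since these lines are being re-indented anyway, the unused declaration could be dropped here. The same unused `message` appears in the DeleteAllKeys hunk further down.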
@@ -6212,21 +6240,22 @@ TEST_P(KeyDeletionTest, DeleteInvalidKey) {
 .Authorization(TAG_NO_AUTH_REQUIRED)
 .Authorization(TAG_ROLLBACK_RESISTANCE)
 .SetDefaultValidity());
- ASSERT_TRUE(error == ErrorCode::ROLLBACK_RESISTANCE_UNAVAILABLE || error == ErrorCode::OK);
+ if (error == ErrorCode::ROLLBACK_RESISTANCE_UNAVAILABLE) {
+ GTEST_SKIP() << "Rollback resistance not supported";
+ }
 // Delete must work if rollback protection is implemented
- if (error == ErrorCode::OK) {
- AuthorizationSet enforced(SecLevelAuthorizations());
- ASSERT_TRUE(enforced.Contains(TAG_ROLLBACK_RESISTANCE));
+ ASSERT_EQ(ErrorCode::OK, error);
+ AuthorizationSet enforced(SecLevelAuthorizations());
+ ASSERT_TRUE(enforced.Contains(TAG_ROLLBACK_RESISTANCE));
- // Delete the key we don't care about the result at this point.
- DeleteKey();
+ // Delete the key we don't care about the result at this point.
+ DeleteKey();
- // Now create an invalid key blob and delete it.
- key_blob_ = AidlBuf("just some garbage data which is not a valid key blob");
+ // Now create an invalid key blob and delete it.
+ key_blob_ = AidlBuf("just some garbage data which is not a valid key blob");
- ASSERT_EQ(ErrorCode::OK, DeleteKey());
- }
+ ASSERT_EQ(ErrorCode::OK, DeleteKey());
 }
 /**
@@ -6241,7 +6270,10 @@ TEST_P(KeyDeletionTest, DeleteInvalidKey) {
 * credentials stored in Keystore/Keymint.
 */
 TEST_P(KeyDeletionTest, DeleteAllKeys) {
- if (!arm_deleteAllKeys) return;
+ if (!arm_deleteAllKeys) {
+ GTEST_SKIP() << "Option --arm_deleteAllKeys not set";
+ return;
+ }
 auto error = GenerateKey(AuthorizationSetBuilder()
 .RsaSigningKey(2048, 65537)
 .Digest(Digest::NONE)
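Review bot: The `return;` after `GTEST_SKIP() << "Option --arm_deleteAllKeys not set";` in DeleteAllKeys is dead code, because GTEST_SKIP already returns from the test body; none of the other guards added in this commit carries one. Dropping it keeps the guards uniform: `if (!arm_deleteAllKeys) { GTEST_SKIP() << "Option --arm_deleteAllKeys not set"; }`. The body of DeleteAllKeys continues past this hunk.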
@@ -6249,25 +6281,26 @@ TEST_P(KeyDeletionTest, DeleteAllKeys) {
 .Authorization(TAG_NO_AUTH_REQUIRED)
 .Authorization(TAG_ROLLBACK_RESISTANCE)
 .SetDefaultValidity());
- ASSERT_TRUE(error == ErrorCode::ROLLBACK_RESISTANCE_UNAVAILABLE || error == ErrorCode::OK);
+ if (error == ErrorCode::ROLLBACK_RESISTANCE_UNAVAILABLE) {
+ GTEST_SKIP() << "Rollback resistance not supported";
+ }
 // Delete must work if rollback protection is implemented
- if (error == ErrorCode::OK) {
- AuthorizationSet hardwareEnforced(SecLevelAuthorizations());
- ASSERT_TRUE(hardwareEnforced.Contains(TAG_ROLLBACK_RESISTANCE));
+ ASSERT_EQ(ErrorCode::OK, error);
+ AuthorizationSet hardwareEnforced(SecLevelAuthorizations());
+ ASSERT_TRUE(hardwareEnforced.Contains(TAG_ROLLBACK_RESISTANCE));
- ASSERT_EQ(ErrorCode::OK, DeleteAllKeys());
+ ASSERT_EQ(ErrorCode::OK, DeleteAllKeys());
- string message = "12345678901234567890123456789012";
- AuthorizationSet begin_out_params;
-
- EXPECT_EQ(ErrorCode::INVALID_KEY_BLOB,
- Begin(KeyPurpose::SIGN, key_blob_,
- AuthorizationSetBuilder().Digest(Digest::NONE).Padding(PaddingMode::NONE),
- &begin_out_params));
- AbortIfNeeded();
- key_blob_ = AidlBuf();
- }
+ string message = "12345678901234567890123456789012";
+ AuthorizationSet begin_out_params;
+
+ EXPECT_EQ(ErrorCode::INVALID_KEY_BLOB,
+ Begin(KeyPurpose::SIGN, key_blob_,
+ AuthorizationSetBuilder().Digest(Digest::NONE).Padding(PaddingMode::NONE),
+ &begin_out_params));
+ AbortIfNeeded();
+ key_blob_ = AidlBuf();
 }
 INSTANTIATE_KEYMINT_AIDL_TEST(KeyDeletionTest); |