KeyMint VTS: use GTEST_SKIP for optional fn
When a KeyMint VTS exercises optional functionality, where possible
use GTEST_SKIP() when that functionality is absent, so the test
summary includes information about what is present and what isn't.
This should not affect the overall test result.
Test: VtsAidlKeyMintTargetTest
Change-Id: I62d244d2e4ecc67737906009575e64b50450d4c4
diff --git a/security/keymint/aidl/vts/functional/DeviceUniqueAttestationTest.cpp b/security/keymint/aidl/vts/functional/DeviceUniqueAttestationTest.cpp
index d7abf07..6f2f189 100644
--- a/security/keymint/aidl/vts/functional/DeviceUniqueAttestationTest.cpp
+++ b/security/keymint/aidl/vts/functional/DeviceUniqueAttestationTest.cpp
@@ -64,7 +64,9 @@
* attestation.
*/
TEST_P(DeviceUniqueAttestationTest, RsaNonStrongBoxUnimplemented) {
- if (SecLevel() == SecurityLevel::STRONGBOX) return;
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to StrongBox device";
+ }
vector<uint8_t> key_blob;
vector<KeyCharacteristics> key_characteristics;
@@ -91,7 +93,9 @@
* attestation.
*/
TEST_P(DeviceUniqueAttestationTest, EcdsaNonStrongBoxUnimplemented) {
- if (SecLevel() == SecurityLevel::STRONGBOX) return;
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to StrongBox device";
+ }
vector<uint8_t> key_blob;
vector<KeyCharacteristics> key_characteristics;
@@ -117,7 +121,9 @@
* attestation correctly, if implemented.
*/
TEST_P(DeviceUniqueAttestationTest, RsaDeviceUniqueAttestation) {
- if (SecLevel() != SecurityLevel::STRONGBOX) return;
+ if (SecLevel() != SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to non-StrongBox device";
+ }
vector<uint8_t> key_blob;
vector<KeyCharacteristics> key_characteristics;
@@ -174,7 +180,9 @@
* attestation correctly, if implemented.
*/
TEST_P(DeviceUniqueAttestationTest, EcdsaDeviceUniqueAttestation) {
- if (SecLevel() != SecurityLevel::STRONGBOX) return;
+ if (SecLevel() != SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to non-StrongBox device";
+ }
vector<uint8_t> key_blob;
vector<KeyCharacteristics> key_characteristics;
@@ -226,7 +234,9 @@
* local device.
*/
TEST_P(DeviceUniqueAttestationTest, EcdsaDeviceUniqueAttestationID) {
- if (SecLevel() != SecurityLevel::STRONGBOX) return;
+ if (SecLevel() != SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to non-StrongBox device";
+ }
// Collection of valid attestation ID tags.
auto attestation_id_tags = AuthorizationSetBuilder();
@@ -292,7 +302,9 @@
* don't match the local device.
*/
TEST_P(DeviceUniqueAttestationTest, EcdsaDeviceUniqueAttestationMismatchID) {
- if (SecLevel() != SecurityLevel::STRONGBOX) return;
+ if (SecLevel() != SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to non-StrongBox device";
+ }
// Collection of invalid attestation ID tags.
auto attestation_id_tags =
diff --git a/security/keymint/aidl/vts/functional/KeyMintTest.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
index a98c57d..2e07590 100644
--- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
@@ -1840,7 +1840,9 @@
* INVALID_ARGUMENT.
*/
TEST_P(NewKeyGenerationTest, EcdsaMismatchKeySize) {
- if (SecLevel() == SecurityLevel::STRONGBOX) return;
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to StrongBox device";
+ }
auto result = GenerateKey(AuthorizationSetBuilder()
.Authorization(TAG_ALGORITHM, Algorithm::EC)
@@ -2067,7 +2069,9 @@
* Verifies that keymint rejects HMAC key generation with multiple specified digest algorithms.
*/
TEST_P(NewKeyGenerationTest, HmacMultipleDigests) {
- if (SecLevel() == SecurityLevel::STRONGBOX) return;
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to StrongBox device";
+ }
ASSERT_EQ(ErrorCode::UNSUPPORTED_DIGEST,
GenerateKey(AuthorizationSetBuilder()
@@ -2291,7 +2295,9 @@
* presented.
*/
TEST_P(SigningOperationsTest, NoUserConfirmation) {
- if (SecLevel() == SecurityLevel::STRONGBOX) return;
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to StrongBox device";
+ }
ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
.RsaSigningKey(1024, 65537)
.Digest(Digest::NONE)
@@ -2381,7 +2387,9 @@
* for a 1024-bit key.
*/
TEST_P(SigningOperationsTest, RsaPssSha512TooSmallKey) {
- if (SecLevel() == SecurityLevel::STRONGBOX) return;
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to StrongBox device";
+ }
ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
.RsaSigningKey(1024, 65537)
.Digest(Digest::SHA_2_512)
@@ -3200,7 +3208,9 @@
* Verifies that importing and using an ECDSA P-521 key pair works correctly.
*/
TEST_P(ImportKeyTest, Ecdsa521Success) {
- if (SecLevel() == SecurityLevel::STRONGBOX) return;
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to StrongBox device";
+ }
ASSERT_EQ(ErrorCode::OK, ImportKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
.EcdsaSigningKey(EcCurve::P_521)
@@ -3909,7 +3919,9 @@
* with a different digest than was used to encrypt.
*/
TEST_P(EncryptionOperationsTest, RsaOaepDecryptWithWrongDigest) {
- if (SecLevel() == SecurityLevel::STRONGBOX) return;
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to StrongBox device";
+ }
ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
@@ -5780,7 +5792,9 @@
* Verifies that the max uses per boot tag works correctly with AES keys.
*/
TEST_P(MaxOperationsTest, TestLimitAes) {
- if (SecLevel() == SecurityLevel::STRONGBOX) return;
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to StrongBox device";
+ }
ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
@@ -5807,7 +5821,9 @@
* Verifies that the max uses per boot tag works correctly with RSA keys.
*/
TEST_P(MaxOperationsTest, TestLimitRsa) {
- if (SecLevel() == SecurityLevel::STRONGBOX) return;
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to StrongBox device";
+ }
ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
@@ -5838,7 +5854,9 @@
* Verifies that the usage count limit tag = 1 works correctly with AES keys.
*/
TEST_P(UsageCountLimitTest, TestSingleUseAes) {
- if (SecLevel() == SecurityLevel::STRONGBOX) return;
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to StrongBox device";
+ }
ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
@@ -5882,7 +5900,9 @@
* Verifies that the usage count limit tag > 1 works correctly with AES keys.
*/
TEST_P(UsageCountLimitTest, TestLimitedUseAes) {
- if (SecLevel() == SecurityLevel::STRONGBOX) return;
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to StrongBox device";
+ }
ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
@@ -5927,7 +5947,9 @@
* Verifies that the usage count limit tag = 1 works correctly with RSA keys.
*/
TEST_P(UsageCountLimitTest, TestSingleUseRsa) {
- if (SecLevel() == SecurityLevel::STRONGBOX) return;
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to StrongBox device";
+ }
ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
@@ -5971,7 +5993,9 @@
* Verifies that the usage count limit tag > 1 works correctly with RSA keys.
*/
TEST_P(UsageCountLimitTest, TestLimitUseRsa) {
- if (SecLevel() == SecurityLevel::STRONGBOX) return;
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to StrongBox device";
+ }
ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
@@ -6018,7 +6042,9 @@
* in hardware.
*/
TEST_P(UsageCountLimitTest, TestSingleUseKeyAndRollbackResistance) {
- if (SecLevel() == SecurityLevel::STRONGBOX) return;
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Test not applicable to StrongBox device";
+ }
auto error = GenerateKey(AuthorizationSetBuilder()
.RsaSigningKey(2048, 65537)
@@ -6027,38 +6053,39 @@
.Authorization(TAG_NO_AUTH_REQUIRED)
.Authorization(TAG_ROLLBACK_RESISTANCE)
.SetDefaultValidity());
- ASSERT_TRUE(error == ErrorCode::ROLLBACK_RESISTANCE_UNAVAILABLE || error == ErrorCode::OK);
-
- if (error == ErrorCode::OK) {
- // Rollback resistance is supported by KeyMint, verify it is enforced in hardware.
- AuthorizationSet hardwareEnforced(SecLevelAuthorizations());
- ASSERT_TRUE(hardwareEnforced.Contains(TAG_ROLLBACK_RESISTANCE));
- ASSERT_EQ(ErrorCode::OK, DeleteKey());
-
- // The KeyMint should also enforce single use key in hardware when it supports rollback
- // resistance.
- ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
- .Authorization(TAG_NO_AUTH_REQUIRED)
- .RsaSigningKey(1024, 65537)
- .NoDigestOrPadding()
- .Authorization(TAG_USAGE_COUNT_LIMIT, 1)
- .SetDefaultValidity()));
-
- // Check the usage count limit tag appears in the hardware authorizations.
- AuthorizationSet hardware_auths = HwEnforcedAuthorizations(key_characteristics_);
- EXPECT_TRUE(hardware_auths.Contains(TAG_USAGE_COUNT_LIMIT, 1U))
- << "key usage count limit " << 1U << " missing";
-
- string message = "1234567890123456";
- auto params = AuthorizationSetBuilder().NoDigestOrPadding();
-
- // First usage of RSA key should work.
- SignMessage(message, params);
-
- // Usage count limit tag is enforced by hardware. After using the key, the key blob
- // must be invalidated from secure storage (such as RPMB partition).
- EXPECT_EQ(ErrorCode::INVALID_KEY_BLOB, Begin(KeyPurpose::SIGN, params));
+ if (error == ErrorCode::ROLLBACK_RESISTANCE_UNAVAILABLE) {
+ GTEST_SKIP() << "Rollback resistance not supported";
}
+
+ // Rollback resistance is supported by KeyMint, verify it is enforced in hardware.
+ ASSERT_EQ(ErrorCode::OK, error);
+ AuthorizationSet hardwareEnforced(SecLevelAuthorizations());
+ ASSERT_TRUE(hardwareEnforced.Contains(TAG_ROLLBACK_RESISTANCE));
+ ASSERT_EQ(ErrorCode::OK, DeleteKey());
+
+ // The KeyMint should also enforce single use key in hardware when it supports rollback
+ // resistance.
+ ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .RsaSigningKey(1024, 65537)
+ .NoDigestOrPadding()
+ .Authorization(TAG_USAGE_COUNT_LIMIT, 1)
+ .SetDefaultValidity()));
+
+ // Check the usage count limit tag appears in the hardware authorizations.
+ AuthorizationSet hardware_auths = HwEnforcedAuthorizations(key_characteristics_);
+ EXPECT_TRUE(hardware_auths.Contains(TAG_USAGE_COUNT_LIMIT, 1U))
+ << "key usage count limit " << 1U << " missing";
+
+ string message = "1234567890123456";
+ auto params = AuthorizationSetBuilder().NoDigestOrPadding();
+
+ // First usage of RSA key should work.
+ SignMessage(message, params);
+
+ // Usage count limit tag is enforced by hardware. After using the key, the key blob
+ // must be invalidated from secure storage (such as RPMB partition).
+ EXPECT_EQ(ErrorCode::INVALID_KEY_BLOB, Begin(KeyPurpose::SIGN, params));
}
INSTANTIATE_KEYMINT_AIDL_TEST(UsageCountLimitTest);
@@ -6135,24 +6162,25 @@
.Authorization(TAG_NO_AUTH_REQUIRED)
.Authorization(TAG_ROLLBACK_RESISTANCE)
.SetDefaultValidity());
- ASSERT_TRUE(error == ErrorCode::ROLLBACK_RESISTANCE_UNAVAILABLE || error == ErrorCode::OK);
+ if (error == ErrorCode::ROLLBACK_RESISTANCE_UNAVAILABLE) {
+ GTEST_SKIP() << "Rollback resistance not supported";
+ }
// Delete must work if rollback protection is implemented
- if (error == ErrorCode::OK) {
- AuthorizationSet hardwareEnforced(SecLevelAuthorizations());
- ASSERT_TRUE(hardwareEnforced.Contains(TAG_ROLLBACK_RESISTANCE));
+ ASSERT_EQ(ErrorCode::OK, error);
+ AuthorizationSet hardwareEnforced(SecLevelAuthorizations());
+ ASSERT_TRUE(hardwareEnforced.Contains(TAG_ROLLBACK_RESISTANCE));
- ASSERT_EQ(ErrorCode::OK, DeleteKey(true /* keep key blob */));
+ ASSERT_EQ(ErrorCode::OK, DeleteKey(true /* keep key blob */));
- string message = "12345678901234567890123456789012";
- AuthorizationSet begin_out_params;
- EXPECT_EQ(ErrorCode::INVALID_KEY_BLOB,
- Begin(KeyPurpose::SIGN, key_blob_,
- AuthorizationSetBuilder().Digest(Digest::NONE).Padding(PaddingMode::NONE),
- &begin_out_params));
- AbortIfNeeded();
- key_blob_ = AidlBuf();
- }
+ string message = "12345678901234567890123456789012";
+ AuthorizationSet begin_out_params;
+ EXPECT_EQ(ErrorCode::INVALID_KEY_BLOB,
+ Begin(KeyPurpose::SIGN, key_blob_,
+ AuthorizationSetBuilder().Digest(Digest::NONE).Padding(PaddingMode::NONE),
+ &begin_out_params));
+ AbortIfNeeded();
+ key_blob_ = AidlBuf();
}
/**
@@ -6169,21 +6197,22 @@
.Authorization(TAG_NO_AUTH_REQUIRED)
.Authorization(TAG_ROLLBACK_RESISTANCE)
.SetDefaultValidity());
- ASSERT_TRUE(error == ErrorCode::ROLLBACK_RESISTANCE_UNAVAILABLE || error == ErrorCode::OK);
+ if (error == ErrorCode::ROLLBACK_RESISTANCE_UNAVAILABLE) {
+ GTEST_SKIP() << "Rollback resistance not supported";
+ }
// Delete must work if rollback protection is implemented
- if (error == ErrorCode::OK) {
- AuthorizationSet enforced(SecLevelAuthorizations());
- ASSERT_TRUE(enforced.Contains(TAG_ROLLBACK_RESISTANCE));
+ ASSERT_EQ(ErrorCode::OK, error);
+ AuthorizationSet enforced(SecLevelAuthorizations());
+ ASSERT_TRUE(enforced.Contains(TAG_ROLLBACK_RESISTANCE));
- // Delete the key we don't care about the result at this point.
- DeleteKey();
+ // Delete the key we don't care about the result at this point.
+ DeleteKey();
- // Now create an invalid key blob and delete it.
- key_blob_ = AidlBuf("just some garbage data which is not a valid key blob");
+ // Now create an invalid key blob and delete it.
+ key_blob_ = AidlBuf("just some garbage data which is not a valid key blob");
- ASSERT_EQ(ErrorCode::OK, DeleteKey());
- }
+ ASSERT_EQ(ErrorCode::OK, DeleteKey());
}
/**
@@ -6198,7 +6227,10 @@
* credentials stored in Keystore/Keymint.
*/
TEST_P(KeyDeletionTest, DeleteAllKeys) {
- if (!arm_deleteAllKeys) return;
+ if (!arm_deleteAllKeys) {
+ GTEST_SKIP() << "Option --arm_deleteAllKeys not set";
+ return;
+ }
auto error = GenerateKey(AuthorizationSetBuilder()
.RsaSigningKey(2048, 65537)
.Digest(Digest::NONE)
@@ -6206,25 +6238,26 @@
.Authorization(TAG_NO_AUTH_REQUIRED)
.Authorization(TAG_ROLLBACK_RESISTANCE)
.SetDefaultValidity());
- ASSERT_TRUE(error == ErrorCode::ROLLBACK_RESISTANCE_UNAVAILABLE || error == ErrorCode::OK);
+ if (error == ErrorCode::ROLLBACK_RESISTANCE_UNAVAILABLE) {
+ GTEST_SKIP() << "Rollback resistance not supported";
+ }
// Delete must work if rollback protection is implemented
- if (error == ErrorCode::OK) {
- AuthorizationSet hardwareEnforced(SecLevelAuthorizations());
- ASSERT_TRUE(hardwareEnforced.Contains(TAG_ROLLBACK_RESISTANCE));
+ ASSERT_EQ(ErrorCode::OK, error);
+ AuthorizationSet hardwareEnforced(SecLevelAuthorizations());
+ ASSERT_TRUE(hardwareEnforced.Contains(TAG_ROLLBACK_RESISTANCE));
- ASSERT_EQ(ErrorCode::OK, DeleteAllKeys());
+ ASSERT_EQ(ErrorCode::OK, DeleteAllKeys());
- string message = "12345678901234567890123456789012";
- AuthorizationSet begin_out_params;
+ string message = "12345678901234567890123456789012";
+ AuthorizationSet begin_out_params;
- EXPECT_EQ(ErrorCode::INVALID_KEY_BLOB,
- Begin(KeyPurpose::SIGN, key_blob_,
- AuthorizationSetBuilder().Digest(Digest::NONE).Padding(PaddingMode::NONE),
- &begin_out_params));
- AbortIfNeeded();
- key_blob_ = AidlBuf();
- }
+ EXPECT_EQ(ErrorCode::INVALID_KEY_BLOB,
+ Begin(KeyPurpose::SIGN, key_blob_,
+ AuthorizationSetBuilder().Digest(Digest::NONE).Padding(PaddingMode::NONE),
+ &begin_out_params));
+ AbortIfNeeded();
+ key_blob_ = AidlBuf();
}
INSTANTIATE_KEYMINT_AIDL_TEST(KeyDeletionTest);