Gitiles
Code Review Sign In
gerrit.omnirom.org / android_hardware_interfaces / bb3d85eaa4c8564ea864df2dd5abea8c585e0408^! / . / security / keymint / aidl / vts / functional / KeyMintTest.cpp
commitbb3d85eaa4c8564ea864df2dd5abea8c585e0408[log] [tgz]
authorDavid Drysdale <drysdale@google.com>Tue Apr 13 11:15:51 2021 +0100
committerDavid Drysdale <drysdale@google.com>Fri Apr 30 14:50:14 2021 +0100
tree3ed50481d64bedf3a83fc7ae461a0fd9868a1b8b
parent7de9febd174214cfb9ac65ada12c2ceb988cd19d [diff] [blame]
Test for patchlevels and too much entropy

Add tests for:
 - Too much entropy should be rejected with INVALID_INPUT_LENGTH
 - All authorization lists should include a vendor and boot patchlevel.

These requirements are in both the KeyMint and the KeyMaster 4.0 AIDL
specificications, but have never been policed before.

Currently disabled with a command-line flag because CF does not have
the patchlevels and so fails lots of tests.

Test: VtsKeyMintAidlTargetTest
Change-Id: Ic9622ef3f1b80e013a34059218e3e029f392eb72

diff --git a/security/keymint/aidl/vts/functional/KeyMintTest.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
index 287b4db..f9a99aa 100644
--- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp

@@ -67,6 +67,8 @@
 
 namespace {
 
+bool check_patchLevels = false;
+
 template <TagType tag_type, Tag tag, typename ValueT>
 bool contains(const vector<KeyParameter>& set, TypedTag<tag_type, tag> ttag,
               ValueT expected_value) {
@@ -330,6 +332,15 @@
         EXPECT_TRUE(os_pl);
         EXPECT_EQ(*os_pl, os_patch_level());
 
+        if (check_patchLevels) {
+            // Should include vendor and boot patchlevels.
+            auto vendor_pl = auths.GetTagValue(TAG_VENDOR_PATCHLEVEL);
+            EXPECT_TRUE(vendor_pl);
+            EXPECT_EQ(*vendor_pl, vendor_patch_level());
+            auto boot_pl = auths.GetTagValue(TAG_BOOT_PATCHLEVEL);
+            EXPECT_TRUE(boot_pl);
+        }
+
         return auths;
     }
 };
@@ -5312,6 +5323,16 @@
     EXPECT_TRUE(keyMint().addRngEntropy(AidlBuf(string(2 * 1024, 'a'))).isOk());
 }
 
+/*
+ * AddEntropyTest.AddTooLargeEntropy
+ *
+ * Verifies that the addRngEntropy method rejects more than 2KiB  of data.
+ */
+TEST_P(AddEntropyTest, AddTooLargeEntropy) {
+    ErrorCode rc = GetReturnErrorCode(keyMint().addRngEntropy(AidlBuf(string(2 * 1024 + 1, 'a'))));
+    EXPECT_EQ(ErrorCode::INVALID_INPUT_LENGTH, rc);
+}
+
 INSTANTIATE_KEYMINT_AIDL_TEST(AddEntropyTest);
 
 typedef KeyMintAidlTestBase KeyDeletionTest;
@@ -5765,6 +5786,10 @@
             } else {
                 std::cout << "NOT dumping attestations" << std::endl;
             }
+            // TODO(drysdale): Remove this flag when available KeyMint devices comply with spec
+            if (std::string(argv[i]) == "--check_patchLevels") {
+                aidl::android::hardware::security::keymint::test::check_patchLevels = true;
+            }
         }
     }
     return RUN_ALL_TESTS();