hwcryptohal: VTS caiman bug
Disabling HwCryptoHal tests from platforms the service
is not present.
Bug: 402173715
Test: build test/ manual test run on qemu
Change-Id: Ia814d93bf91d9c63b39a4f1bbd16dca3f6235113
diff --git a/security/see/hwcrypto/aidl/vts/functional/Android.bp b/security/see/hwcrypto/aidl/vts/functional/Android.bp
index eb2eba1..fc63878 100644
--- a/security/see/hwcrypto/aidl/vts/functional/Android.bp
+++ b/security/see/hwcrypto/aidl/vts/functional/Android.bp
@@ -53,9 +53,11 @@
rust_test {
name: "VtsAidlHwCryptoTests",
srcs: ["hwcryptokey_tests.rs"],
+ test_config: "AndroidKeyOperations.xml",
require_root: true,
defaults: [
"hw_crypto_hal_aidl_rust_defaults",
+ "rdroidtest.defaults",
],
rustlibs: [
"libhwcryptohal_vts_test",
@@ -69,9 +71,11 @@
rust_test {
name: "VtsAidlHwCryptoOperationsTests",
srcs: ["hwcrypto_operations_tests.rs"],
+ test_config: "AndroidTestOperations.xml",
require_root: true,
defaults: [
"hw_crypto_hal_aidl_rust_defaults",
+ "rdroidtest.defaults",
],
rustlibs: [
"libhwcryptohal_vts_test",
diff --git a/security/see/hwcrypto/aidl/vts/functional/AndroidKeyOperations.xml b/security/see/hwcrypto/aidl/vts/functional/AndroidKeyOperations.xml
new file mode 100644
index 0000000..57229d7
--- /dev/null
+++ b/security/see/hwcrypto/aidl/vts/functional/AndroidKeyOperations.xml
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (C) 2025 The Android Open Source Project
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<configuration description="Config for HwCrypto HAL operations VTS tests.">
+ <target_preparer class="com.android.tradefed.targetprep.RootTargetPreparer"/>
+
+ <target_preparer class="com.android.tradefed.targetprep.PushFilePreparer">
+ <option name="push-file" key="VtsAidlHwCryptoTests" value="/data/local/tmp/VtsAidlHwCryptoTests" />
+ </target_preparer>
+
+ <test class="com.android.tradefed.testtype.rust.RustBinaryTest" >
+ <option name="test-device-path" value="/data/local/tmp" />
+ <option name="module-name" value="VtsAidlHwCryptoTests" />
+ <!-- Rust tests are run in parallel by default. Run these ones
+ single-threaded. -->
+ <option name="native-test-flag" value="--test-threads=1" />
+ </test>
+</configuration>
\ No newline at end of file
diff --git a/security/see/hwcrypto/aidl/vts/functional/AndroidTestOperations.xml b/security/see/hwcrypto/aidl/vts/functional/AndroidTestOperations.xml
new file mode 100644
index 0000000..f069b3b
--- /dev/null
+++ b/security/see/hwcrypto/aidl/vts/functional/AndroidTestOperations.xml
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (C) 2025 The Android Open Source Project
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<configuration description="Config for HwCrypto HAL device key VTS tests.">
+ <target_preparer class="com.android.tradefed.targetprep.RootTargetPreparer"/>
+
+ <target_preparer class="com.android.tradefed.targetprep.PushFilePreparer">
+ <option name="push-file" key="VtsAidlHwCryptoOperationsTests" value="/data/local/tmp/VtsAidlHwCryptoOperationsTests" />
+ </target_preparer>
+
+ <test class="com.android.tradefed.testtype.rust.RustBinaryTest" >
+ <option name="test-device-path" value="/data/local/tmp" />
+ <option name="module-name" value="VtsAidlHwCryptoOperationsTests" />
+ <!-- Rust tests are run in parallel by default. Run these ones
+ single-threaded. -->
+ <option name="native-test-flag" value="--test-threads=1" />
+ </test>
+</configuration>
\ No newline at end of file
diff --git a/security/see/hwcrypto/aidl/vts/functional/hwcrypto_operations_tests.rs b/security/see/hwcrypto/aidl/vts/functional/hwcrypto_operations_tests.rs
index 521fb73..69a34e3 100644
--- a/security/see/hwcrypto/aidl/vts/functional/hwcrypto_operations_tests.rs
+++ b/security/see/hwcrypto/aidl/vts/functional/hwcrypto_operations_tests.rs
@@ -27,8 +27,10 @@
KeyPolicy::KeyPolicy,CryptoOperation::CryptoOperation,CryptoOperationSet::CryptoOperationSet,
OperationParameters::OperationParameters, PatternParameters::PatternParameters,
};
+use rdroidtest::{ignore_if, rdroidtest};
-#[test]
+#[rdroidtest]
+#[ignore_if(hwcryptohal_vts_test::ignore_test())]
fn test_hwcrypto_key_operations_connection() {
let hw_crypto_key = hwcryptohal_vts_test::get_hwcryptokey()
.expect("Couldn't get back a hwcryptokey binder object");
@@ -36,7 +38,8 @@
assert!(hw_crypto_operations.is_ok(), "Couldn't get back a hwcrypto operations binder object");
}
-#[test]
+#[rdroidtest]
+#[ignore_if(hwcryptohal_vts_test::ignore_test())]
fn test_hwcrypto_key_operations_simple_aes_test() {
let hw_crypto_key = hwcryptohal_vts_test::get_hwcryptokey()
.expect("Couldn't get back a hwcryptokey binder object");
@@ -123,7 +126,8 @@
assert_eq!(decrypted_msg, "string to be encrypted", "couldn't retrieve original message");
}
-#[test]
+#[rdroidtest]
+#[ignore_if(hwcryptohal_vts_test::ignore_test())]
fn test_hwcrypto_key_operations_simple_hmac_test() {
let hw_crypto_key = hwcryptohal_vts_test::get_hwcryptokey()
.expect("Couldn't get back a hwcryptokey binder object");
@@ -183,7 +187,8 @@
assert_eq!(mac, mac2, "got a different mac");
}
-#[test]
+#[rdroidtest]
+#[ignore_if(hwcryptohal_vts_test::ignore_test())]
fn test_hwcrypto_key_operations_aes_simple_cbcs_test_non_block_multiple() {
let hw_crypto_key = hwcryptohal_vts_test::get_hwcryptokey()
.expect("Couldn't get back a hwcryptokey binder object");
@@ -280,7 +285,8 @@
);
}
-#[test]
+#[rdroidtest]
+#[ignore_if(hwcryptohal_vts_test::ignore_test())]
fn test_hwcrypto_key_operations_aes_simple_all_encrypted_cbcs_test() {
let hw_crypto_key = hwcryptohal_vts_test::get_hwcryptokey()
.expect("Couldn't get back a hwcryptokey binder object");
@@ -402,7 +408,8 @@
);
}
-#[test]
+#[rdroidtest]
+#[ignore_if(hwcryptohal_vts_test::ignore_test())]
fn check_cbcs_wrong_key_types() {
let hw_crypto_key = hwcryptohal_vts_test::get_hwcryptokey()
.expect("Couldn't get back a hwcryptokey binder object");
@@ -473,7 +480,8 @@
assert!(process_result.is_err(), "Should not be able to use cbcs mode with this key type");
}
-#[test]
+#[rdroidtest]
+#[ignore_if(hwcryptohal_vts_test::ignore_test())]
fn aes_simple_cbcs_test() {
let hw_crypto_key = hwcryptohal_vts_test::get_hwcryptokey()
.expect("Couldn't get back a hwcryptokey binder object");
@@ -584,3 +592,5 @@
"couldn't retrieve original message"
);
}
+
+rdroidtest::test_main!();
diff --git a/security/see/hwcrypto/aidl/vts/functional/hwcryptokey_tests.rs b/security/see/hwcrypto/aidl/vts/functional/hwcryptokey_tests.rs
index fcce839..8b4d924 100644
--- a/security/see/hwcrypto/aidl/vts/functional/hwcryptokey_tests.rs
+++ b/security/see/hwcrypto/aidl/vts/functional/hwcryptokey_tests.rs
@@ -26,14 +26,17 @@
};
use android_hardware_security_see_hwcrypto::aidl::android::hardware::security::see::hwcrypto::KeyPolicy::KeyPolicy;
use hwcryptohal_common;
+use rdroidtest::{ignore_if, rdroidtest};
-#[test]
+#[rdroidtest]
+#[ignore_if(hwcryptohal_vts_test::ignore_test())]
fn test_hwcrypto_key_connection() {
let hw_crypto_key = hwcryptohal_vts_test::get_hwcryptokey();
assert!(hw_crypto_key.is_ok(), "Couldn't get back a hwcryptokey binder object");
}
-#[test]
+#[rdroidtest]
+#[ignore_if(hwcryptohal_vts_test::ignore_test())]
fn test_hwcrypto_key_get_current_dice_policy() {
let hw_crypto_key = hwcryptohal_vts_test::get_hwcryptokey()
.expect("Couldn't get back a hwcryptokey binder object");
@@ -41,7 +44,8 @@
assert!(!dice_policy.is_empty(), "received empty dice policy");
}
-#[test]
+#[rdroidtest]
+#[ignore_if(hwcryptohal_vts_test::ignore_test())]
fn test_hwcrypto_get_keyslot_data() {
let hw_crypto_key = hwcryptohal_vts_test::get_hwcryptokey()
.expect("Couldn't get back a hwcryptokey binder object");
@@ -55,7 +59,8 @@
);
}
-#[test]
+#[rdroidtest]
+#[ignore_if(hwcryptohal_vts_test::ignore_test())]
fn test_hwcrypto_import_clear_key() {
let hw_crypto_key = hwcryptohal_vts_test::get_hwcryptokey()
.expect("Couldn't get back a hwcryptokey binder object");
@@ -83,7 +88,8 @@
assert!(key.is_err(), "imported keys should be of type PORTABLE");
}
-#[test]
+#[rdroidtest]
+#[ignore_if(hwcryptohal_vts_test::ignore_test())]
fn test_hwcrypto_token_export_import() {
// This test is not representative of the complete flow because here the exporter and importer
// are the same client, which is not something we would usually do
@@ -107,7 +113,8 @@
// TODO: Use operations to verify that the keys match
}
-#[test]
+#[rdroidtest]
+#[ignore_if(hwcryptohal_vts_test::ignore_test())]
fn test_hwcrypto_android_invalid_calls() {
let hw_crypto_key = hwcryptohal_vts_test::get_hwcryptokey()
.expect("Couldn't get back a hwcryptokey binder object");
@@ -163,3 +170,5 @@
"wrong error type received"
);
}
+
+rdroidtest::test_main!();
diff --git a/security/see/hwcrypto/aidl/vts/functional/lib.rs b/security/see/hwcrypto/aidl/vts/functional/lib.rs
index 465dde7..43676f6 100644
--- a/security/see/hwcrypto/aidl/vts/functional/lib.rs
+++ b/security/see/hwcrypto/aidl/vts/functional/lib.rs
@@ -18,11 +18,26 @@
//! It provides the base clases necessaries to write HwCrypto VTS tests
use anyhow::Result;
-use android_hardware_security_see_hwcrypto::aidl::android::hardware::security::see::hwcrypto::IHwCryptoKey::BpHwCryptoKey;
use android_hardware_security_see_hwcrypto::aidl::android::hardware::security::see::hwcrypto::IHwCryptoKey::IHwCryptoKey;
+pub const HWCRYPTO_SERVICE: &str = "android.hardware.security.see.hwcrypto.IHwCryptoKey";
+
/// Get a HwCryptoKey binder service object using the service manager
pub fn get_hwcryptokey() -> Result<binder::Strong<dyn IHwCryptoKey>, binder::Status> {
- let interface_name = <BpHwCryptoKey as IHwCryptoKey>::get_descriptor().to_owned() + "/default";
+ let interface_name = HWCRYPTO_SERVICE.to_owned() + "/default";
Ok(binder::get_interface(&interface_name)?)
}
+
+pub fn get_supported_instances() -> Vec<(String, String)> {
+ // Determine which instances are available.
+ binder::get_declared_instances(HWCRYPTO_SERVICE)
+ .unwrap_or_default()
+ .into_iter()
+ .map(|v| (v.clone(), v))
+ .collect()
+}
+
+pub fn ignore_test() -> bool {
+ let instances = get_supported_instances();
+ instances.len() == 0
+}