Gitiles
Code Review Sign In
gerrit.omnirom.org / android_hardware_interfaces / 08839105dc93d9431f03c8cb1cd3c4e7d85866fd / . / keymaster / 4.0 / vts / functional / KeymasterHidlTest.cpp
blob: e266a86ed9742e05ecb53d415eec35568cc6ff0e [file] [log] [blame]
Shawn Willden252233d2018-01-02 15:13:46 -0700[diff] [blame]1/*
2 * Copyright (C) 2017 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#include "KeymasterHidlTest.h"
18
19#include <android/hidl/manager/1.0/IServiceManager.h>
20
21#include <keymasterV4_0/key_param_output.h>
22
23namespace android {
24namespace hardware {
25namespace keymaster {
26namespace V4_0 {
27
28::std::ostream& operator<<(::std::ostream& os, const AuthorizationSet& set) {
29 if (set.size() == 0)
30 os << "(Empty)" << ::std::endl;
31 else {
32 os << "\n";
33 for (size_t i = 0; i < set.size(); ++i) os << set[i] << ::std::endl;
34 }
35 return os;
36}
37
38namespace test {
39
40sp<IKeymasterDevice> KeymasterHidlTest::keymaster_;
41std::vector<sp<IKeymasterDevice>> KeymasterHidlTest::all_keymasters_;
42uint32_t KeymasterHidlTest::os_version_;
43uint32_t KeymasterHidlTest::os_patch_level_;
44SecurityLevel KeymasterHidlTest::securityLevel_;
45hidl_string KeymasterHidlTest::name_;
46hidl_string KeymasterHidlTest::author_;
47
48void KeymasterHidlTest::SetUpTestCase() {
49 string service_name = KeymasterHidlEnvironment::Instance()->getServiceName<IKeymasterDevice>();
50 keymaster_ = ::testing::VtsHalHidlTargetTestBase::getService<IKeymasterDevice>(service_name);
51 ASSERT_NE(keymaster_, nullptr);
52
53 ASSERT_TRUE(keymaster_
54 ->getHardwareInfo([&](SecurityLevel securityLevel, const hidl_string& name,
55 const hidl_string& author) {
56 securityLevel_ = securityLevel;
57 name_ = name;
58 author_ = author;
59 })
60 .isOk());
61
62 os_version_ = ::keymaster::GetOsVersion();
63 os_patch_level_ = ::keymaster::GetOsPatchlevel();
64
65 auto service_manager = android::hidl::manager::V1_0::IServiceManager::getService();
66 ASSERT_NE(nullptr, service_manager.get());
67
68 all_keymasters_.push_back(keymaster_);
69 service_manager->listByInterface(
70 IKeymasterDevice::descriptor, [&](const hidl_vec<hidl_string>& names) {
71 for (auto& name : names) {
72 if (name == service_name) continue;
73 auto keymaster =
74 ::testing::VtsHalHidlTargetTestBase::getService<IKeymasterDevice>(name);
75 ASSERT_NE(keymaster, nullptr);
76 all_keymasters_.push_back(keymaster);
77 }
78 });
79}
80
81ErrorCode KeymasterHidlTest::GenerateKey(const AuthorizationSet& key_desc, HidlBuf* key_blob,
82 KeyCharacteristics* key_characteristics) {
83 EXPECT_NE(key_blob, nullptr) << "Key blob pointer must not be null. Test bug";
84 EXPECT_EQ(0U, key_blob->size()) << "Key blob not empty before generating key. Test bug.";
85 EXPECT_NE(key_characteristics, nullptr)
86 << "Previous characteristics not deleted before generating key. Test bug.";
87
88 ErrorCode error;
89 EXPECT_TRUE(keymaster_
90 ->generateKey(key_desc.hidl_data(),
91 [&](ErrorCode hidl_error, const HidlBuf& hidl_key_blob,
92 const KeyCharacteristics& hidl_key_characteristics) {
93 error = hidl_error;
94 *key_blob = hidl_key_blob;
95 *key_characteristics = hidl_key_characteristics;
96 })
97 .isOk());
98 // On error, blob & characteristics should be empty.
99 if (error != ErrorCode::OK) {
100 EXPECT_EQ(0U, key_blob->size());
101 EXPECT_EQ(0U, (key_characteristics->softwareEnforced.size() +
102 key_characteristics->hardwareEnforced.size()));
103 }
104 return error;
105}
106
107ErrorCode KeymasterHidlTest::GenerateKey(const AuthorizationSet& key_desc) {
108 return GenerateKey(key_desc, &key_blob_, &key_characteristics_);
109}
110
111ErrorCode KeymasterHidlTest::ImportKey(const AuthorizationSet& key_desc, KeyFormat format,
112 const string& key_material, HidlBuf* key_blob,
113 KeyCharacteristics* key_characteristics) {
114 ErrorCode error;
115 EXPECT_TRUE(keymaster_
116 ->importKey(key_desc.hidl_data(), format, HidlBuf(key_material),
117 [&](ErrorCode hidl_error, const HidlBuf& hidl_key_blob,
118 const KeyCharacteristics& hidl_key_characteristics) {
119 error = hidl_error;
120 *key_blob = hidl_key_blob;
121 *key_characteristics = hidl_key_characteristics;
122 })
123 .isOk());
124 // On error, blob & characteristics should be empty.
125 if (error != ErrorCode::OK) {
126 EXPECT_EQ(0U, key_blob->size());
127 EXPECT_EQ(0U, (key_characteristics->softwareEnforced.size() +
128 key_characteristics->hardwareEnforced.size()));
129 }
130 return error;
131}
132
133ErrorCode KeymasterHidlTest::ImportKey(const AuthorizationSet& key_desc, KeyFormat format,
134 const string& key_material) {
135 return ImportKey(key_desc, format, key_material, &key_blob_, &key_characteristics_);
136}
137
138ErrorCode KeymasterHidlTest::ImportWrappedKey(string wrapped_key, string wrapping_key,
139 const AuthorizationSet& wrapping_key_desc,
Shawn Willden8d28efa2018-01-19 13:37:42 -0700[diff] [blame]140 string masking_key,
141 const AuthorizationSet& unwrapping_params) {
Shawn Willden252233d2018-01-02 15:13:46 -0700[diff] [blame]142 ErrorCode error;
143 ImportKey(wrapping_key_desc, KeyFormat::PKCS8, wrapping_key);
144 EXPECT_TRUE(keymaster_
145 ->importWrappedKey(HidlBuf(wrapped_key), key_blob_, HidlBuf(masking_key),
Shawn Willden8d28efa2018-01-19 13:37:42 -0700[diff] [blame]146 unwrapping_params.hidl_data(), 0 /* passwordSid */,
147 0 /* biometricSid */,
Shawn Willden252233d2018-01-02 15:13:46 -0700[diff] [blame]148 [&](ErrorCode hidl_error, const HidlBuf& hidl_key_blob,
149 const KeyCharacteristics& hidl_key_characteristics) {
150 error = hidl_error;
151 key_blob_ = hidl_key_blob;
152 key_characteristics_ = hidl_key_characteristics;
153 })
154 .isOk());
155 return error;
156}
157
158ErrorCode KeymasterHidlTest::ExportKey(KeyFormat format, const HidlBuf& key_blob,
159 const HidlBuf& client_id, const HidlBuf& app_data,
160 HidlBuf* key_material) {
161 ErrorCode error;
162 EXPECT_TRUE(keymaster_
163 ->exportKey(format, key_blob, client_id, app_data,
164 [&](ErrorCode hidl_error_code, const HidlBuf& hidl_key_material) {
165 error = hidl_error_code;
166 *key_material = hidl_key_material;
167 })
168 .isOk());
169 // On error, blob should be empty.
170 if (error != ErrorCode::OK) {
171 EXPECT_EQ(0U, key_material->size());
172 }
173 return error;
174}
175
176ErrorCode KeymasterHidlTest::ExportKey(KeyFormat format, HidlBuf* key_material) {
177 HidlBuf client_id, app_data;
178 return ExportKey(format, key_blob_, client_id, app_data, key_material);
179}
180
181ErrorCode KeymasterHidlTest::DeleteKey(HidlBuf* key_blob, bool keep_key_blob) {
182 auto rc = keymaster_->deleteKey(*key_blob);
183 if (!keep_key_blob) *key_blob = HidlBuf();
184 if (!rc.isOk()) return ErrorCode::UNKNOWN_ERROR;
185 return rc;
186}
187
188ErrorCode KeymasterHidlTest::DeleteKey(bool keep_key_blob) {
189 return DeleteKey(&key_blob_, keep_key_blob);
190}
191
192ErrorCode KeymasterHidlTest::DeleteAllKeys() {
193 ErrorCode error = keymaster_->deleteAllKeys();
194 return error;
195}
196
197void KeymasterHidlTest::CheckedDeleteKey(HidlBuf* key_blob, bool keep_key_blob) {
198 auto rc = DeleteKey(key_blob, keep_key_blob);
199 EXPECT_TRUE(rc == ErrorCode::OK || rc == ErrorCode::UNIMPLEMENTED);
200}
201
202void KeymasterHidlTest::CheckedDeleteKey() {
203 CheckedDeleteKey(&key_blob_);
204}
205
206ErrorCode KeymasterHidlTest::GetCharacteristics(const HidlBuf& key_blob, const HidlBuf& client_id,
207 const HidlBuf& app_data,
208 KeyCharacteristics* key_characteristics) {
209 ErrorCode error = ErrorCode::UNKNOWN_ERROR;
210 EXPECT_TRUE(
211 keymaster_
212 ->getKeyCharacteristics(
213 key_blob, client_id, app_data,
214 [&](ErrorCode hidl_error, const KeyCharacteristics& hidl_key_characteristics) {
215 error = hidl_error, *key_characteristics = hidl_key_characteristics;
216 })
217 .isOk());
218 return error;
219}
220
221ErrorCode KeymasterHidlTest::GetCharacteristics(const HidlBuf& key_blob,
222 KeyCharacteristics* key_characteristics) {
223 HidlBuf client_id, app_data;
224 return GetCharacteristics(key_blob, client_id, app_data, key_characteristics);
225}
226
227ErrorCode KeymasterHidlTest::Begin(KeyPurpose purpose, const HidlBuf& key_blob,
228 const AuthorizationSet& in_params, AuthorizationSet* out_params,
229 OperationHandle* op_handle) {
230 SCOPED_TRACE("Begin");
231 ErrorCode error;
232 OperationHandle saved_handle = *op_handle;
233 EXPECT_TRUE(keymaster_
234 ->begin(purpose, key_blob, in_params.hidl_data(), HardwareAuthToken(),
235 [&](ErrorCode hidl_error, const hidl_vec<KeyParameter>& hidl_out_params,
236 uint64_t hidl_op_handle) {
237 error = hidl_error;
238 *out_params = hidl_out_params;
239 *op_handle = hidl_op_handle;
240 })
241 .isOk());
242 if (error != ErrorCode::OK) {
243 // Some implementations may modify *op_handle on error.
244 *op_handle = saved_handle;
245 }
246 return error;
247}
248
249ErrorCode KeymasterHidlTest::Begin(KeyPurpose purpose, const AuthorizationSet& in_params,
250 AuthorizationSet* out_params) {
251 SCOPED_TRACE("Begin");
252 EXPECT_EQ(kOpHandleSentinel, op_handle_);
253 return Begin(purpose, key_blob_, in_params, out_params, &op_handle_);
254}
255
256ErrorCode KeymasterHidlTest::Begin(KeyPurpose purpose, const AuthorizationSet& in_params) {
257 SCOPED_TRACE("Begin");
258 AuthorizationSet out_params;
259 ErrorCode error = Begin(purpose, in_params, &out_params);
260 EXPECT_TRUE(out_params.empty());
261 return error;
262}
263
264ErrorCode KeymasterHidlTest::Update(OperationHandle op_handle, const AuthorizationSet& in_params,
265 const string& input, AuthorizationSet* out_params,
266 string* output, size_t* input_consumed) {
267 SCOPED_TRACE("Update");
268 ErrorCode error;
269 EXPECT_TRUE(keymaster_
270 ->update(op_handle, in_params.hidl_data(), HidlBuf(input), HardwareAuthToken(),
271 VerificationToken(),
272 [&](ErrorCode hidl_error, uint32_t hidl_input_consumed,
273 const hidl_vec<KeyParameter>& hidl_out_params,
274 const HidlBuf& hidl_output) {
275 error = hidl_error;
276 out_params->push_back(AuthorizationSet(hidl_out_params));
277 output->append(hidl_output.to_string());
278 *input_consumed = hidl_input_consumed;
279 })
280 .isOk());
281 return error;
282}
283
284ErrorCode KeymasterHidlTest::Update(const string& input, string* out, size_t* input_consumed) {
285 SCOPED_TRACE("Update");
286 AuthorizationSet out_params;
287 ErrorCode error = Update(op_handle_, AuthorizationSet() /* in_params */, input, &out_params,
288 out, input_consumed);
289 EXPECT_TRUE(out_params.empty());
290 return error;
291}
292
293ErrorCode KeymasterHidlTest::Finish(OperationHandle op_handle, const AuthorizationSet& in_params,
294 const string& input, const string& signature,
295 AuthorizationSet* out_params, string* output) {
296 SCOPED_TRACE("Finish");
297 ErrorCode error;
298 EXPECT_TRUE(
299 keymaster_
300 ->finish(op_handle, in_params.hidl_data(), HidlBuf(input), HidlBuf(signature),
301 HardwareAuthToken(), VerificationToken(),
302 [&](ErrorCode hidl_error, const hidl_vec<KeyParameter>& hidl_out_params,
303 const HidlBuf& hidl_output) {
304 error = hidl_error;
305 *out_params = hidl_out_params;
306 output->append(hidl_output.to_string());
307 })
308 .isOk());
309 op_handle_ = kOpHandleSentinel; // So dtor doesn't Abort().
310 return error;
311}
312
313ErrorCode KeymasterHidlTest::Finish(const string& message, string* output) {
314 SCOPED_TRACE("Finish");
315 AuthorizationSet out_params;
316 string finish_output;
317 ErrorCode error = Finish(op_handle_, AuthorizationSet() /* in_params */, message,
318 "" /* signature */, &out_params, output);
319 if (error != ErrorCode::OK) {
320 return error;
321 }
322 EXPECT_EQ(0U, out_params.size());
323 return error;
324}
325
326ErrorCode KeymasterHidlTest::Finish(const string& message, const string& signature,
327 string* output) {
328 SCOPED_TRACE("Finish");
329 AuthorizationSet out_params;
330 ErrorCode error = Finish(op_handle_, AuthorizationSet() /* in_params */, message, signature,
331 &out_params, output);
332 op_handle_ = kOpHandleSentinel; // So dtor doesn't Abort().
333 if (error != ErrorCode::OK) {
334 return error;
335 }
336 EXPECT_EQ(0U, out_params.size());
337 return error;
338}
339
340ErrorCode KeymasterHidlTest::Abort(OperationHandle op_handle) {
341 SCOPED_TRACE("Abort");
342 auto retval = keymaster_->abort(op_handle);
343 EXPECT_TRUE(retval.isOk());
344 return retval;
345}
346
347void KeymasterHidlTest::AbortIfNeeded() {
348 SCOPED_TRACE("AbortIfNeeded");
349 if (op_handle_ != kOpHandleSentinel) {
350 EXPECT_EQ(ErrorCode::OK, Abort(op_handle_));
351 op_handle_ = kOpHandleSentinel;
352 }
353}
354
355ErrorCode KeymasterHidlTest::AttestKey(const HidlBuf& key_blob,
356 const AuthorizationSet& attest_params,
357 hidl_vec<hidl_vec<uint8_t>>* cert_chain) {
358 SCOPED_TRACE("AttestKey");
359 ErrorCode error;
360 auto rc = keymaster_->attestKey(
361 key_blob, attest_params.hidl_data(),
362 [&](ErrorCode hidl_error, const hidl_vec<hidl_vec<uint8_t>>& hidl_cert_chain) {
363 error = hidl_error;
364 *cert_chain = hidl_cert_chain;
365 });
366
367 EXPECT_TRUE(rc.isOk()) << rc.description();
368 if (!rc.isOk()) return ErrorCode::UNKNOWN_ERROR;
369
370 return error;
371}
372
373ErrorCode KeymasterHidlTest::AttestKey(const AuthorizationSet& attest_params,
374 hidl_vec<hidl_vec<uint8_t>>* cert_chain) {
375 SCOPED_TRACE("AttestKey");
376 return AttestKey(key_blob_, attest_params, cert_chain);
377}
378
379string KeymasterHidlTest::ProcessMessage(const HidlBuf& key_blob, KeyPurpose operation,
380 const string& message, const AuthorizationSet& in_params,
381 AuthorizationSet* out_params) {
382 SCOPED_TRACE("ProcessMessage");
383 AuthorizationSet begin_out_params;
384 EXPECT_EQ(ErrorCode::OK, Begin(operation, key_blob, in_params, &begin_out_params, &op_handle_));
385
386 string unused;
387 AuthorizationSet finish_params;
388 AuthorizationSet finish_out_params;
389 string output;
390 EXPECT_EQ(ErrorCode::OK,
391 Finish(op_handle_, finish_params, message, unused, &finish_out_params, &output));
392 op_handle_ = kOpHandleSentinel;
393
394 out_params->push_back(begin_out_params);
395 out_params->push_back(finish_out_params);
396 return output;
397}
398
399string KeymasterHidlTest::SignMessage(const HidlBuf& key_blob, const string& message,
400 const AuthorizationSet& params) {
401 SCOPED_TRACE("SignMessage");
402 AuthorizationSet out_params;
403 string signature = ProcessMessage(key_blob, KeyPurpose::SIGN, message, params, &out_params);
404 EXPECT_TRUE(out_params.empty());
405 return signature;
406}
407
408string KeymasterHidlTest::SignMessage(const string& message, const AuthorizationSet& params) {
409 SCOPED_TRACE("SignMessage");
410 return SignMessage(key_blob_, message, params);
411}
412
413string KeymasterHidlTest::MacMessage(const string& message, Digest digest, size_t mac_length) {
414 SCOPED_TRACE("MacMessage");
415 return SignMessage(
416 key_blob_, message,
417 AuthorizationSetBuilder().Digest(digest).Authorization(TAG_MAC_LENGTH, mac_length));
418}
419
420void KeymasterHidlTest::CheckHmacTestVector(const string& key, const string& message, Digest digest,
421 const string& expected_mac) {
422 SCOPED_TRACE("CheckHmacTestVector");
423 ASSERT_EQ(ErrorCode::OK,
424 ImportKey(AuthorizationSetBuilder()
425 .Authorization(TAG_NO_AUTH_REQUIRED)
426 .HmacKey(key.size() * 8)
427 .Authorization(TAG_MIN_MAC_LENGTH, expected_mac.size() * 8)
428 .Digest(digest),
429 KeyFormat::RAW, key));
430 string signature = MacMessage(message, digest, expected_mac.size() * 8);
431 EXPECT_EQ(expected_mac, signature)
432 << "Test vector didn't match for key of size " << key.size() << " message of size "
433 << message.size() << " and digest " << digest;
434 CheckedDeleteKey();
435}
436
437void KeymasterHidlTest::CheckAesCtrTestVector(const string& key, const string& nonce,
438 const string& message,
439 const string& expected_ciphertext) {
440 SCOPED_TRACE("CheckAesCtrTestVector");
441 ASSERT_EQ(ErrorCode::OK, ImportKey(AuthorizationSetBuilder()
442 .Authorization(TAG_NO_AUTH_REQUIRED)
443 .AesEncryptionKey(key.size() * 8)
444 .BlockMode(BlockMode::CTR)
445 .Authorization(TAG_CALLER_NONCE)
446 .Padding(PaddingMode::NONE),
447 KeyFormat::RAW, key));
448
449 auto params = AuthorizationSetBuilder()
450 .Authorization(TAG_NONCE, nonce.data(), nonce.size())
451 .BlockMode(BlockMode::CTR)
452 .Padding(PaddingMode::NONE);
453 AuthorizationSet out_params;
454 string ciphertext = EncryptMessage(key_blob_, message, params, &out_params);
455 EXPECT_EQ(expected_ciphertext, ciphertext);
456}
457
458void KeymasterHidlTest::CheckTripleDesTestVector(KeyPurpose purpose, BlockMode block_mode,
459 PaddingMode padding_mode, const string& key,
460 const string& iv, const string& input,
461 const string& expected_output) {
462 auto authset = AuthorizationSetBuilder()
463 .TripleDesEncryptionKey(key.size() * 7)
464 .BlockMode(block_mode)
Shawn Willden08839102018-03-29 20:54:51 -0600[diff] [blame^]465 .Authorization(TAG_NO_AUTH_REQUIRED)
Shawn Willden252233d2018-01-02 15:13:46 -0700[diff] [blame]466 .Padding(padding_mode);
467 if (iv.size()) authset.Authorization(TAG_CALLER_NONCE);
468 ASSERT_EQ(ErrorCode::OK, ImportKey(authset, KeyFormat::RAW, key));
469 auto begin_params = AuthorizationSetBuilder().BlockMode(block_mode).Padding(padding_mode);
470 if (iv.size()) begin_params.Authorization(TAG_NONCE, iv.data(), iv.size());
471 AuthorizationSet output_params;
472 string output = ProcessMessage(key_blob_, purpose, input, begin_params, &output_params);
473 EXPECT_EQ(expected_output, output);
474}
475
476void KeymasterHidlTest::VerifyMessage(const HidlBuf& key_blob, const string& message,
477 const string& signature, const AuthorizationSet& params) {
478 SCOPED_TRACE("VerifyMessage");
479 AuthorizationSet begin_out_params;
480 ASSERT_EQ(ErrorCode::OK,
481 Begin(KeyPurpose::VERIFY, key_blob, params, &begin_out_params, &op_handle_));
482
483 string unused;
484 AuthorizationSet finish_params;
485 AuthorizationSet finish_out_params;
486 string output;
487 EXPECT_EQ(ErrorCode::OK,
488 Finish(op_handle_, finish_params, message, signature, &finish_out_params, &output));
489 op_handle_ = kOpHandleSentinel;
490 EXPECT_TRUE(output.empty());
491}
492
493void KeymasterHidlTest::VerifyMessage(const string& message, const string& signature,
494 const AuthorizationSet& params) {
495 SCOPED_TRACE("VerifyMessage");
496 VerifyMessage(key_blob_, message, signature, params);
497}
498
499string KeymasterHidlTest::EncryptMessage(const HidlBuf& key_blob, const string& message,
500 const AuthorizationSet& in_params,
501 AuthorizationSet* out_params) {
502 SCOPED_TRACE("EncryptMessage");
503 return ProcessMessage(key_blob, KeyPurpose::ENCRYPT, message, in_params, out_params);
504}
505
506string KeymasterHidlTest::EncryptMessage(const string& message, const AuthorizationSet& params,
507 AuthorizationSet* out_params) {
508 SCOPED_TRACE("EncryptMessage");
509 return EncryptMessage(key_blob_, message, params, out_params);
510}
511
512string KeymasterHidlTest::EncryptMessage(const string& message, const AuthorizationSet& params) {
513 SCOPED_TRACE("EncryptMessage");
514 AuthorizationSet out_params;
515 string ciphertext = EncryptMessage(message, params, &out_params);
516 EXPECT_TRUE(out_params.empty()) << "Output params should be empty. Contained: " << out_params;
517 return ciphertext;
518}
519
520string KeymasterHidlTest::EncryptMessage(const string& message, BlockMode block_mode,
521 PaddingMode padding) {
522 SCOPED_TRACE("EncryptMessage");
523 auto params = AuthorizationSetBuilder().BlockMode(block_mode).Padding(padding);
524 AuthorizationSet out_params;
525 string ciphertext = EncryptMessage(message, params, &out_params);
526 EXPECT_TRUE(out_params.empty()) << "Output params should be empty. Contained: " << out_params;
527 return ciphertext;
528}
529
530string KeymasterHidlTest::EncryptMessage(const string& message, BlockMode block_mode,
531 PaddingMode padding, HidlBuf* iv_out) {
532 SCOPED_TRACE("EncryptMessage");
533 auto params = AuthorizationSetBuilder().BlockMode(block_mode).Padding(padding);
534 AuthorizationSet out_params;
535 string ciphertext = EncryptMessage(message, params, &out_params);
536 EXPECT_EQ(1U, out_params.size());
537 auto ivVal = out_params.GetTagValue(TAG_NONCE);
538 EXPECT_TRUE(ivVal.isOk());
Shawn Willden08839102018-03-29 20:54:51 -0600[diff] [blame^]539 if (ivVal.isOk()) *iv_out = ivVal.value();
Shawn Willden252233d2018-01-02 15:13:46 -0700[diff] [blame]540 return ciphertext;
541}
542
543string KeymasterHidlTest::EncryptMessage(const string& message, BlockMode block_mode,
544 PaddingMode padding, const HidlBuf& iv_in) {
545 SCOPED_TRACE("EncryptMessage");
546 auto params = AuthorizationSetBuilder()
547 .BlockMode(block_mode)
548 .Padding(padding)
549 .Authorization(TAG_NONCE, iv_in);
550 AuthorizationSet out_params;
551 string ciphertext = EncryptMessage(message, params, &out_params);
552 return ciphertext;
553}
554
555string KeymasterHidlTest::DecryptMessage(const HidlBuf& key_blob, const string& ciphertext,
556 const AuthorizationSet& params) {
557 SCOPED_TRACE("DecryptMessage");
558 AuthorizationSet out_params;
559 string plaintext =
560 ProcessMessage(key_blob, KeyPurpose::DECRYPT, ciphertext, params, &out_params);
561 EXPECT_TRUE(out_params.empty());
562 return plaintext;
563}
564
565string KeymasterHidlTest::DecryptMessage(const string& ciphertext, const AuthorizationSet& params) {
566 SCOPED_TRACE("DecryptMessage");
567 return DecryptMessage(key_blob_, ciphertext, params);
568}
569
570string KeymasterHidlTest::DecryptMessage(const string& ciphertext, BlockMode block_mode,
571 PaddingMode padding_mode, const HidlBuf& iv) {
572 SCOPED_TRACE("DecryptMessage");
573 auto params = AuthorizationSetBuilder()
574 .BlockMode(block_mode)
575 .Padding(padding_mode)
576 .Authorization(TAG_NONCE, iv);
577 return DecryptMessage(key_blob_, ciphertext, params);
578}
579
580std::pair<ErrorCode, HidlBuf> KeymasterHidlTest::UpgradeKey(const HidlBuf& key_blob) {
581 std::pair<ErrorCode, HidlBuf> retval;
582 keymaster_->upgradeKey(key_blob, hidl_vec<KeyParameter>(),
583 [&](ErrorCode error, const hidl_vec<uint8_t>& upgraded_blob) {
584 retval = std::tie(error, upgraded_blob);
585 });
586 return retval;
587}
588
589} // namespace test
590} // namespace V4_0
591} // namespace keymaster
592} // namespace hardware
593} // namespace android