Gitiles
Code Review Sign In
gerrit.omnirom.org / android_hardware_interfaces / 252233df69c298655f7c562f66dac31fab743e38 / . / keymaster / 4.0 / vts / functional / KeymasterHidlTest.cpp
blob: 13b6b2f7d7396a016e22c229ac9eda7f9b9db289 [file] [log] [blame]
Shawn Willden252233d2018-01-02 15:13:46 -0700[diff] [blame^]1/*
2 * Copyright (C) 2017 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#include "KeymasterHidlTest.h"
18
19#include <android/hidl/manager/1.0/IServiceManager.h>
20
21#include <keymasterV4_0/key_param_output.h>
22
23namespace android {
24namespace hardware {
25namespace keymaster {
26namespace V4_0 {
27
28::std::ostream& operator<<(::std::ostream& os, const AuthorizationSet& set) {
29 if (set.size() == 0)
30 os << "(Empty)" << ::std::endl;
31 else {
32 os << "\n";
33 for (size_t i = 0; i < set.size(); ++i) os << set[i] << ::std::endl;
34 }
35 return os;
36}
37
38namespace test {
39
40sp<IKeymasterDevice> KeymasterHidlTest::keymaster_;
41std::vector<sp<IKeymasterDevice>> KeymasterHidlTest::all_keymasters_;
42uint32_t KeymasterHidlTest::os_version_;
43uint32_t KeymasterHidlTest::os_patch_level_;
44SecurityLevel KeymasterHidlTest::securityLevel_;
45hidl_string KeymasterHidlTest::name_;
46hidl_string KeymasterHidlTest::author_;
47
48void KeymasterHidlTest::SetUpTestCase() {
49 string service_name = KeymasterHidlEnvironment::Instance()->getServiceName<IKeymasterDevice>();
50 keymaster_ = ::testing::VtsHalHidlTargetTestBase::getService<IKeymasterDevice>(service_name);
51 ASSERT_NE(keymaster_, nullptr);
52
53 ASSERT_TRUE(keymaster_
54 ->getHardwareInfo([&](SecurityLevel securityLevel, const hidl_string& name,
55 const hidl_string& author) {
56 securityLevel_ = securityLevel;
57 name_ = name;
58 author_ = author;
59 })
60 .isOk());
61
62 os_version_ = ::keymaster::GetOsVersion();
63 os_patch_level_ = ::keymaster::GetOsPatchlevel();
64
65 auto service_manager = android::hidl::manager::V1_0::IServiceManager::getService();
66 ASSERT_NE(nullptr, service_manager.get());
67
68 all_keymasters_.push_back(keymaster_);
69 service_manager->listByInterface(
70 IKeymasterDevice::descriptor, [&](const hidl_vec<hidl_string>& names) {
71 for (auto& name : names) {
72 if (name == service_name) continue;
73 auto keymaster =
74 ::testing::VtsHalHidlTargetTestBase::getService<IKeymasterDevice>(name);
75 ASSERT_NE(keymaster, nullptr);
76 all_keymasters_.push_back(keymaster);
77 }
78 });
79}
80
81ErrorCode KeymasterHidlTest::GenerateKey(const AuthorizationSet& key_desc, HidlBuf* key_blob,
82 KeyCharacteristics* key_characteristics) {
83 EXPECT_NE(key_blob, nullptr) << "Key blob pointer must not be null. Test bug";
84 EXPECT_EQ(0U, key_blob->size()) << "Key blob not empty before generating key. Test bug.";
85 EXPECT_NE(key_characteristics, nullptr)
86 << "Previous characteristics not deleted before generating key. Test bug.";
87
88 ErrorCode error;
89 EXPECT_TRUE(keymaster_
90 ->generateKey(key_desc.hidl_data(),
91 [&](ErrorCode hidl_error, const HidlBuf& hidl_key_blob,
92 const KeyCharacteristics& hidl_key_characteristics) {
93 error = hidl_error;
94 *key_blob = hidl_key_blob;
95 *key_characteristics = hidl_key_characteristics;
96 })
97 .isOk());
98 // On error, blob & characteristics should be empty.
99 if (error != ErrorCode::OK) {
100 EXPECT_EQ(0U, key_blob->size());
101 EXPECT_EQ(0U, (key_characteristics->softwareEnforced.size() +
102 key_characteristics->hardwareEnforced.size()));
103 }
104 return error;
105}
106
107ErrorCode KeymasterHidlTest::GenerateKey(const AuthorizationSet& key_desc) {
108 return GenerateKey(key_desc, &key_blob_, &key_characteristics_);
109}
110
111ErrorCode KeymasterHidlTest::ImportKey(const AuthorizationSet& key_desc, KeyFormat format,
112 const string& key_material, HidlBuf* key_blob,
113 KeyCharacteristics* key_characteristics) {
114 ErrorCode error;
115 EXPECT_TRUE(keymaster_
116 ->importKey(key_desc.hidl_data(), format, HidlBuf(key_material),
117 [&](ErrorCode hidl_error, const HidlBuf& hidl_key_blob,
118 const KeyCharacteristics& hidl_key_characteristics) {
119 error = hidl_error;
120 *key_blob = hidl_key_blob;
121 *key_characteristics = hidl_key_characteristics;
122 })
123 .isOk());
124 // On error, blob & characteristics should be empty.
125 if (error != ErrorCode::OK) {
126 EXPECT_EQ(0U, key_blob->size());
127 EXPECT_EQ(0U, (key_characteristics->softwareEnforced.size() +
128 key_characteristics->hardwareEnforced.size()));
129 }
130 return error;
131}
132
133ErrorCode KeymasterHidlTest::ImportKey(const AuthorizationSet& key_desc, KeyFormat format,
134 const string& key_material) {
135 return ImportKey(key_desc, format, key_material, &key_blob_, &key_characteristics_);
136}
137
138ErrorCode KeymasterHidlTest::ImportWrappedKey(string wrapped_key, string wrapping_key,
139 const AuthorizationSet& wrapping_key_desc,
140 string masking_key) {
141 ErrorCode error;
142 ImportKey(wrapping_key_desc, KeyFormat::PKCS8, wrapping_key);
143 EXPECT_TRUE(keymaster_
144 ->importWrappedKey(HidlBuf(wrapped_key), key_blob_, HidlBuf(masking_key),
145 [&](ErrorCode hidl_error, const HidlBuf& hidl_key_blob,
146 const KeyCharacteristics& hidl_key_characteristics) {
147 error = hidl_error;
148 key_blob_ = hidl_key_blob;
149 key_characteristics_ = hidl_key_characteristics;
150 })
151 .isOk());
152 return error;
153}
154
155ErrorCode KeymasterHidlTest::ExportKey(KeyFormat format, const HidlBuf& key_blob,
156 const HidlBuf& client_id, const HidlBuf& app_data,
157 HidlBuf* key_material) {
158 ErrorCode error;
159 EXPECT_TRUE(keymaster_
160 ->exportKey(format, key_blob, client_id, app_data,
161 [&](ErrorCode hidl_error_code, const HidlBuf& hidl_key_material) {
162 error = hidl_error_code;
163 *key_material = hidl_key_material;
164 })
165 .isOk());
166 // On error, blob should be empty.
167 if (error != ErrorCode::OK) {
168 EXPECT_EQ(0U, key_material->size());
169 }
170 return error;
171}
172
173ErrorCode KeymasterHidlTest::ExportKey(KeyFormat format, HidlBuf* key_material) {
174 HidlBuf client_id, app_data;
175 return ExportKey(format, key_blob_, client_id, app_data, key_material);
176}
177
178ErrorCode KeymasterHidlTest::DeleteKey(HidlBuf* key_blob, bool keep_key_blob) {
179 auto rc = keymaster_->deleteKey(*key_blob);
180 if (!keep_key_blob) *key_blob = HidlBuf();
181 if (!rc.isOk()) return ErrorCode::UNKNOWN_ERROR;
182 return rc;
183}
184
185ErrorCode KeymasterHidlTest::DeleteKey(bool keep_key_blob) {
186 return DeleteKey(&key_blob_, keep_key_blob);
187}
188
189ErrorCode KeymasterHidlTest::DeleteAllKeys() {
190 ErrorCode error = keymaster_->deleteAllKeys();
191 return error;
192}
193
194void KeymasterHidlTest::CheckedDeleteKey(HidlBuf* key_blob, bool keep_key_blob) {
195 auto rc = DeleteKey(key_blob, keep_key_blob);
196 EXPECT_TRUE(rc == ErrorCode::OK || rc == ErrorCode::UNIMPLEMENTED);
197}
198
199void KeymasterHidlTest::CheckedDeleteKey() {
200 CheckedDeleteKey(&key_blob_);
201}
202
203ErrorCode KeymasterHidlTest::GetCharacteristics(const HidlBuf& key_blob, const HidlBuf& client_id,
204 const HidlBuf& app_data,
205 KeyCharacteristics* key_characteristics) {
206 ErrorCode error = ErrorCode::UNKNOWN_ERROR;
207 EXPECT_TRUE(
208 keymaster_
209 ->getKeyCharacteristics(
210 key_blob, client_id, app_data,
211 [&](ErrorCode hidl_error, const KeyCharacteristics& hidl_key_characteristics) {
212 error = hidl_error, *key_characteristics = hidl_key_characteristics;
213 })
214 .isOk());
215 return error;
216}
217
218ErrorCode KeymasterHidlTest::GetCharacteristics(const HidlBuf& key_blob,
219 KeyCharacteristics* key_characteristics) {
220 HidlBuf client_id, app_data;
221 return GetCharacteristics(key_blob, client_id, app_data, key_characteristics);
222}
223
224ErrorCode KeymasterHidlTest::Begin(KeyPurpose purpose, const HidlBuf& key_blob,
225 const AuthorizationSet& in_params, AuthorizationSet* out_params,
226 OperationHandle* op_handle) {
227 SCOPED_TRACE("Begin");
228 ErrorCode error;
229 OperationHandle saved_handle = *op_handle;
230 EXPECT_TRUE(keymaster_
231 ->begin(purpose, key_blob, in_params.hidl_data(), HardwareAuthToken(),
232 [&](ErrorCode hidl_error, const hidl_vec<KeyParameter>& hidl_out_params,
233 uint64_t hidl_op_handle) {
234 error = hidl_error;
235 *out_params = hidl_out_params;
236 *op_handle = hidl_op_handle;
237 })
238 .isOk());
239 if (error != ErrorCode::OK) {
240 // Some implementations may modify *op_handle on error.
241 *op_handle = saved_handle;
242 }
243 return error;
244}
245
246ErrorCode KeymasterHidlTest::Begin(KeyPurpose purpose, const AuthorizationSet& in_params,
247 AuthorizationSet* out_params) {
248 SCOPED_TRACE("Begin");
249 EXPECT_EQ(kOpHandleSentinel, op_handle_);
250 return Begin(purpose, key_blob_, in_params, out_params, &op_handle_);
251}
252
253ErrorCode KeymasterHidlTest::Begin(KeyPurpose purpose, const AuthorizationSet& in_params) {
254 SCOPED_TRACE("Begin");
255 AuthorizationSet out_params;
256 ErrorCode error = Begin(purpose, in_params, &out_params);
257 EXPECT_TRUE(out_params.empty());
258 return error;
259}
260
261ErrorCode KeymasterHidlTest::Update(OperationHandle op_handle, const AuthorizationSet& in_params,
262 const string& input, AuthorizationSet* out_params,
263 string* output, size_t* input_consumed) {
264 SCOPED_TRACE("Update");
265 ErrorCode error;
266 EXPECT_TRUE(keymaster_
267 ->update(op_handle, in_params.hidl_data(), HidlBuf(input), HardwareAuthToken(),
268 VerificationToken(),
269 [&](ErrorCode hidl_error, uint32_t hidl_input_consumed,
270 const hidl_vec<KeyParameter>& hidl_out_params,
271 const HidlBuf& hidl_output) {
272 error = hidl_error;
273 out_params->push_back(AuthorizationSet(hidl_out_params));
274 output->append(hidl_output.to_string());
275 *input_consumed = hidl_input_consumed;
276 })
277 .isOk());
278 return error;
279}
280
281ErrorCode KeymasterHidlTest::Update(const string& input, string* out, size_t* input_consumed) {
282 SCOPED_TRACE("Update");
283 AuthorizationSet out_params;
284 ErrorCode error = Update(op_handle_, AuthorizationSet() /* in_params */, input, &out_params,
285 out, input_consumed);
286 EXPECT_TRUE(out_params.empty());
287 return error;
288}
289
290ErrorCode KeymasterHidlTest::Finish(OperationHandle op_handle, const AuthorizationSet& in_params,
291 const string& input, const string& signature,
292 AuthorizationSet* out_params, string* output) {
293 SCOPED_TRACE("Finish");
294 ErrorCode error;
295 EXPECT_TRUE(
296 keymaster_
297 ->finish(op_handle, in_params.hidl_data(), HidlBuf(input), HidlBuf(signature),
298 HardwareAuthToken(), VerificationToken(),
299 [&](ErrorCode hidl_error, const hidl_vec<KeyParameter>& hidl_out_params,
300 const HidlBuf& hidl_output) {
301 error = hidl_error;
302 *out_params = hidl_out_params;
303 output->append(hidl_output.to_string());
304 })
305 .isOk());
306 op_handle_ = kOpHandleSentinel; // So dtor doesn't Abort().
307 return error;
308}
309
310ErrorCode KeymasterHidlTest::Finish(const string& message, string* output) {
311 SCOPED_TRACE("Finish");
312 AuthorizationSet out_params;
313 string finish_output;
314 ErrorCode error = Finish(op_handle_, AuthorizationSet() /* in_params */, message,
315 "" /* signature */, &out_params, output);
316 if (error != ErrorCode::OK) {
317 return error;
318 }
319 EXPECT_EQ(0U, out_params.size());
320 return error;
321}
322
323ErrorCode KeymasterHidlTest::Finish(const string& message, const string& signature,
324 string* output) {
325 SCOPED_TRACE("Finish");
326 AuthorizationSet out_params;
327 ErrorCode error = Finish(op_handle_, AuthorizationSet() /* in_params */, message, signature,
328 &out_params, output);
329 op_handle_ = kOpHandleSentinel; // So dtor doesn't Abort().
330 if (error != ErrorCode::OK) {
331 return error;
332 }
333 EXPECT_EQ(0U, out_params.size());
334 return error;
335}
336
337ErrorCode KeymasterHidlTest::Abort(OperationHandle op_handle) {
338 SCOPED_TRACE("Abort");
339 auto retval = keymaster_->abort(op_handle);
340 EXPECT_TRUE(retval.isOk());
341 return retval;
342}
343
344void KeymasterHidlTest::AbortIfNeeded() {
345 SCOPED_TRACE("AbortIfNeeded");
346 if (op_handle_ != kOpHandleSentinel) {
347 EXPECT_EQ(ErrorCode::OK, Abort(op_handle_));
348 op_handle_ = kOpHandleSentinel;
349 }
350}
351
352ErrorCode KeymasterHidlTest::AttestKey(const HidlBuf& key_blob,
353 const AuthorizationSet& attest_params,
354 hidl_vec<hidl_vec<uint8_t>>* cert_chain) {
355 SCOPED_TRACE("AttestKey");
356 ErrorCode error;
357 auto rc = keymaster_->attestKey(
358 key_blob, attest_params.hidl_data(),
359 [&](ErrorCode hidl_error, const hidl_vec<hidl_vec<uint8_t>>& hidl_cert_chain) {
360 error = hidl_error;
361 *cert_chain = hidl_cert_chain;
362 });
363
364 EXPECT_TRUE(rc.isOk()) << rc.description();
365 if (!rc.isOk()) return ErrorCode::UNKNOWN_ERROR;
366
367 return error;
368}
369
370ErrorCode KeymasterHidlTest::AttestKey(const AuthorizationSet& attest_params,
371 hidl_vec<hidl_vec<uint8_t>>* cert_chain) {
372 SCOPED_TRACE("AttestKey");
373 return AttestKey(key_blob_, attest_params, cert_chain);
374}
375
376string KeymasterHidlTest::ProcessMessage(const HidlBuf& key_blob, KeyPurpose operation,
377 const string& message, const AuthorizationSet& in_params,
378 AuthorizationSet* out_params) {
379 SCOPED_TRACE("ProcessMessage");
380 AuthorizationSet begin_out_params;
381 EXPECT_EQ(ErrorCode::OK, Begin(operation, key_blob, in_params, &begin_out_params, &op_handle_));
382
383 string unused;
384 AuthorizationSet finish_params;
385 AuthorizationSet finish_out_params;
386 string output;
387 EXPECT_EQ(ErrorCode::OK,
388 Finish(op_handle_, finish_params, message, unused, &finish_out_params, &output));
389 op_handle_ = kOpHandleSentinel;
390
391 out_params->push_back(begin_out_params);
392 out_params->push_back(finish_out_params);
393 return output;
394}
395
396string KeymasterHidlTest::SignMessage(const HidlBuf& key_blob, const string& message,
397 const AuthorizationSet& params) {
398 SCOPED_TRACE("SignMessage");
399 AuthorizationSet out_params;
400 string signature = ProcessMessage(key_blob, KeyPurpose::SIGN, message, params, &out_params);
401 EXPECT_TRUE(out_params.empty());
402 return signature;
403}
404
405string KeymasterHidlTest::SignMessage(const string& message, const AuthorizationSet& params) {
406 SCOPED_TRACE("SignMessage");
407 return SignMessage(key_blob_, message, params);
408}
409
410string KeymasterHidlTest::MacMessage(const string& message, Digest digest, size_t mac_length) {
411 SCOPED_TRACE("MacMessage");
412 return SignMessage(
413 key_blob_, message,
414 AuthorizationSetBuilder().Digest(digest).Authorization(TAG_MAC_LENGTH, mac_length));
415}
416
417void KeymasterHidlTest::CheckHmacTestVector(const string& key, const string& message, Digest digest,
418 const string& expected_mac) {
419 SCOPED_TRACE("CheckHmacTestVector");
420 ASSERT_EQ(ErrorCode::OK,
421 ImportKey(AuthorizationSetBuilder()
422 .Authorization(TAG_NO_AUTH_REQUIRED)
423 .HmacKey(key.size() * 8)
424 .Authorization(TAG_MIN_MAC_LENGTH, expected_mac.size() * 8)
425 .Digest(digest),
426 KeyFormat::RAW, key));
427 string signature = MacMessage(message, digest, expected_mac.size() * 8);
428 EXPECT_EQ(expected_mac, signature)
429 << "Test vector didn't match for key of size " << key.size() << " message of size "
430 << message.size() << " and digest " << digest;
431 CheckedDeleteKey();
432}
433
434void KeymasterHidlTest::CheckAesCtrTestVector(const string& key, const string& nonce,
435 const string& message,
436 const string& expected_ciphertext) {
437 SCOPED_TRACE("CheckAesCtrTestVector");
438 ASSERT_EQ(ErrorCode::OK, ImportKey(AuthorizationSetBuilder()
439 .Authorization(TAG_NO_AUTH_REQUIRED)
440 .AesEncryptionKey(key.size() * 8)
441 .BlockMode(BlockMode::CTR)
442 .Authorization(TAG_CALLER_NONCE)
443 .Padding(PaddingMode::NONE),
444 KeyFormat::RAW, key));
445
446 auto params = AuthorizationSetBuilder()
447 .Authorization(TAG_NONCE, nonce.data(), nonce.size())
448 .BlockMode(BlockMode::CTR)
449 .Padding(PaddingMode::NONE);
450 AuthorizationSet out_params;
451 string ciphertext = EncryptMessage(key_blob_, message, params, &out_params);
452 EXPECT_EQ(expected_ciphertext, ciphertext);
453}
454
455void KeymasterHidlTest::CheckTripleDesTestVector(KeyPurpose purpose, BlockMode block_mode,
456 PaddingMode padding_mode, const string& key,
457 const string& iv, const string& input,
458 const string& expected_output) {
459 auto authset = AuthorizationSetBuilder()
460 .TripleDesEncryptionKey(key.size() * 7)
461 .BlockMode(block_mode)
462 .Padding(padding_mode);
463 if (iv.size()) authset.Authorization(TAG_CALLER_NONCE);
464 ASSERT_EQ(ErrorCode::OK, ImportKey(authset, KeyFormat::RAW, key));
465 auto begin_params = AuthorizationSetBuilder().BlockMode(block_mode).Padding(padding_mode);
466 if (iv.size()) begin_params.Authorization(TAG_NONCE, iv.data(), iv.size());
467 AuthorizationSet output_params;
468 string output = ProcessMessage(key_blob_, purpose, input, begin_params, &output_params);
469 EXPECT_EQ(expected_output, output);
470}
471
472void KeymasterHidlTest::VerifyMessage(const HidlBuf& key_blob, const string& message,
473 const string& signature, const AuthorizationSet& params) {
474 SCOPED_TRACE("VerifyMessage");
475 AuthorizationSet begin_out_params;
476 ASSERT_EQ(ErrorCode::OK,
477 Begin(KeyPurpose::VERIFY, key_blob, params, &begin_out_params, &op_handle_));
478
479 string unused;
480 AuthorizationSet finish_params;
481 AuthorizationSet finish_out_params;
482 string output;
483 EXPECT_EQ(ErrorCode::OK,
484 Finish(op_handle_, finish_params, message, signature, &finish_out_params, &output));
485 op_handle_ = kOpHandleSentinel;
486 EXPECT_TRUE(output.empty());
487}
488
489void KeymasterHidlTest::VerifyMessage(const string& message, const string& signature,
490 const AuthorizationSet& params) {
491 SCOPED_TRACE("VerifyMessage");
492 VerifyMessage(key_blob_, message, signature, params);
493}
494
495string KeymasterHidlTest::EncryptMessage(const HidlBuf& key_blob, const string& message,
496 const AuthorizationSet& in_params,
497 AuthorizationSet* out_params) {
498 SCOPED_TRACE("EncryptMessage");
499 return ProcessMessage(key_blob, KeyPurpose::ENCRYPT, message, in_params, out_params);
500}
501
502string KeymasterHidlTest::EncryptMessage(const string& message, const AuthorizationSet& params,
503 AuthorizationSet* out_params) {
504 SCOPED_TRACE("EncryptMessage");
505 return EncryptMessage(key_blob_, message, params, out_params);
506}
507
508string KeymasterHidlTest::EncryptMessage(const string& message, const AuthorizationSet& params) {
509 SCOPED_TRACE("EncryptMessage");
510 AuthorizationSet out_params;
511 string ciphertext = EncryptMessage(message, params, &out_params);
512 EXPECT_TRUE(out_params.empty()) << "Output params should be empty. Contained: " << out_params;
513 return ciphertext;
514}
515
516string KeymasterHidlTest::EncryptMessage(const string& message, BlockMode block_mode,
517 PaddingMode padding) {
518 SCOPED_TRACE("EncryptMessage");
519 auto params = AuthorizationSetBuilder().BlockMode(block_mode).Padding(padding);
520 AuthorizationSet out_params;
521 string ciphertext = EncryptMessage(message, params, &out_params);
522 EXPECT_TRUE(out_params.empty()) << "Output params should be empty. Contained: " << out_params;
523 return ciphertext;
524}
525
526string KeymasterHidlTest::EncryptMessage(const string& message, BlockMode block_mode,
527 PaddingMode padding, HidlBuf* iv_out) {
528 SCOPED_TRACE("EncryptMessage");
529 auto params = AuthorizationSetBuilder().BlockMode(block_mode).Padding(padding);
530 AuthorizationSet out_params;
531 string ciphertext = EncryptMessage(message, params, &out_params);
532 EXPECT_EQ(1U, out_params.size());
533 auto ivVal = out_params.GetTagValue(TAG_NONCE);
534 EXPECT_TRUE(ivVal.isOk());
535 *iv_out = ivVal.value();
536 return ciphertext;
537}
538
539string KeymasterHidlTest::EncryptMessage(const string& message, BlockMode block_mode,
540 PaddingMode padding, const HidlBuf& iv_in) {
541 SCOPED_TRACE("EncryptMessage");
542 auto params = AuthorizationSetBuilder()
543 .BlockMode(block_mode)
544 .Padding(padding)
545 .Authorization(TAG_NONCE, iv_in);
546 AuthorizationSet out_params;
547 string ciphertext = EncryptMessage(message, params, &out_params);
548 return ciphertext;
549}
550
551string KeymasterHidlTest::DecryptMessage(const HidlBuf& key_blob, const string& ciphertext,
552 const AuthorizationSet& params) {
553 SCOPED_TRACE("DecryptMessage");
554 AuthorizationSet out_params;
555 string plaintext =
556 ProcessMessage(key_blob, KeyPurpose::DECRYPT, ciphertext, params, &out_params);
557 EXPECT_TRUE(out_params.empty());
558 return plaintext;
559}
560
561string KeymasterHidlTest::DecryptMessage(const string& ciphertext, const AuthorizationSet& params) {
562 SCOPED_TRACE("DecryptMessage");
563 return DecryptMessage(key_blob_, ciphertext, params);
564}
565
566string KeymasterHidlTest::DecryptMessage(const string& ciphertext, BlockMode block_mode,
567 PaddingMode padding_mode, const HidlBuf& iv) {
568 SCOPED_TRACE("DecryptMessage");
569 auto params = AuthorizationSetBuilder()
570 .BlockMode(block_mode)
571 .Padding(padding_mode)
572 .Authorization(TAG_NONCE, iv);
573 return DecryptMessage(key_blob_, ciphertext, params);
574}
575
576std::pair<ErrorCode, HidlBuf> KeymasterHidlTest::UpgradeKey(const HidlBuf& key_blob) {
577 std::pair<ErrorCode, HidlBuf> retval;
578 keymaster_->upgradeKey(key_blob, hidl_vec<KeyParameter>(),
579 [&](ErrorCode error, const hidl_vec<uint8_t>& upgraded_blob) {
580 retval = std::tie(error, upgraded_blob);
581 });
582 return retval;
583}
584
585} // namespace test
586} // namespace V4_0
587} // namespace keymaster
588} // namespace hardware
589} // namespace android