Remove keystore from tests
Keystore is being removed from microdroid so remove the tests that
reference it.
Bug: 215747811
Test: atest MicrodroidTests
Change-Id: I846759508918ff4ca98ccae87b9b962d743ff2ce
diff --git a/tests/testapk/Android.bp b/tests/testapk/Android.bp
index 6cd16c2..4cca538 100644
--- a/tests/testapk/Android.bp
+++ b/tests/testapk/Android.bp
@@ -22,7 +22,6 @@
name: "MicrodroidTestNativeLib",
srcs: ["src/native/testbinary.cpp"],
shared_libs: [
- "android.system.keystore2-V1-ndk",
"android.system.virtualmachineservice-ndk",
"com.android.microdroid.testservice-ndk",
"libbase",
diff --git a/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java b/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java
index 032ecfd..bd44a3c 100644
--- a/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java
+++ b/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java
@@ -176,9 +176,6 @@
testService.readProperty("debug.microdroid.app.sublib.run"),
"true");
assertEquals(
- testService.readProperty("debug.microdroid.test.keystore"),
- "PASS");
- assertEquals(
testService.readProperty("debug.microdroid.test.extra_apk"),
"PASS");
} catch (Exception e) {
diff --git a/tests/testapk/src/native/testbinary.cpp b/tests/testapk/src/native/testbinary.cpp
index c748b2a..301328a 100644
--- a/tests/testapk/src/native/testbinary.cpp
+++ b/tests/testapk/src/native/testbinary.cpp
@@ -13,13 +13,11 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-#include <aidl/android/system/keystore2/IKeystoreService.h>
#include <aidl/android/system/virtualmachineservice/IVirtualMachineService.h>
#include <aidl/com/android/microdroid/testservice/BnTestService.h>
#include <android-base/file.h>
#include <android-base/properties.h>
#include <android-base/result.h>
-#include <android-base/unique_fd.h>
#include <android/binder_auto_utils.h>
#include <android/binder_manager.h>
#include <fcntl.h>
@@ -34,159 +32,16 @@
#include <binder_rpc_unstable.hpp>
#include <string>
-using aidl::android::hardware::security::keymint::Algorithm;
-using aidl::android::hardware::security::keymint::Digest;
-using aidl::android::hardware::security::keymint::KeyParameter;
-using aidl::android::hardware::security::keymint::KeyParameterValue;
-using aidl::android::hardware::security::keymint::KeyPurpose;
-using aidl::android::hardware::security::keymint::SecurityLevel;
-using aidl::android::hardware::security::keymint::Tag;
-
-using aidl::android::system::keystore2::CreateOperationResponse;
-using aidl::android::system::keystore2::Domain;
-using aidl::android::system::keystore2::IKeystoreSecurityLevel;
-using aidl::android::system::keystore2::IKeystoreService;
-using aidl::android::system::keystore2::KeyDescriptor;
-using aidl::android::system::keystore2::KeyMetadata;
-
using aidl::android::system::virtualmachineservice::IVirtualMachineService;
using android::base::ErrnoError;
using android::base::Error;
using android::base::Result;
-using android::base::unique_fd;
extern void testlib_sub();
namespace {
-Result<void> test_keystore() {
- // Connect to Keystore.
- ndk::SpAIBinder binder(
- AServiceManager_waitForService("android.system.keystore2.IKeystoreService/default"));
- auto service = IKeystoreService::fromBinder(binder);
- if (service == nullptr) {
- return Error() << "Failed to find Keystore";
- }
- std::shared_ptr<IKeystoreSecurityLevel> securityLevel;
- auto status = service->getSecurityLevel(SecurityLevel::TRUSTED_ENVIRONMENT, &securityLevel);
- if (!status.isOk()) {
- return Error() << "Failed to get security level";
- }
-
- // Create a signing key.
- std::vector<KeyParameter> params;
-
- KeyParameter algo;
- algo.tag = Tag::ALGORITHM;
- algo.value = KeyParameterValue::make<KeyParameterValue::algorithm>(Algorithm::HMAC);
- params.push_back(algo);
-
- KeyParameter key_size;
- key_size.tag = Tag::KEY_SIZE;
- key_size.value = KeyParameterValue::make<KeyParameterValue::integer>(256);
- params.push_back(key_size);
-
- KeyParameter min_mac_length;
- min_mac_length.tag = Tag::MIN_MAC_LENGTH;
- min_mac_length.value = KeyParameterValue::make<KeyParameterValue::integer>(256);
- params.push_back(min_mac_length);
-
- KeyParameter digest;
- digest.tag = Tag::DIGEST;
- digest.value = KeyParameterValue::make<KeyParameterValue::digest>(Digest::SHA_2_256);
- params.push_back(digest);
-
- KeyParameter purposeSign;
- purposeSign.tag = Tag::PURPOSE;
- purposeSign.value = KeyParameterValue::make<KeyParameterValue::keyPurpose>(KeyPurpose::SIGN);
- params.push_back(purposeSign);
-
- KeyParameter purposeVerify;
- purposeVerify.tag = Tag::PURPOSE;
- purposeVerify.value =
- KeyParameterValue::make<KeyParameterValue::keyPurpose>(KeyPurpose::VERIFY);
- params.push_back(purposeVerify);
-
- KeyParameter auth;
- auth.tag = Tag::NO_AUTH_REQUIRED;
- auth.value = KeyParameterValue::make<KeyParameterValue::boolValue>(true);
- params.push_back(auth);
-
- KeyDescriptor descriptor;
- descriptor.domain = Domain::SELINUX;
- descriptor.alias = "payload-test-key";
- descriptor.nspace = 140; // vm_payload_key
-
- KeyMetadata metadata;
- status = securityLevel->generateKey(descriptor, {}, params, 0, {}, &metadata);
- if (!status.isOk()) {
- return Error() << "Failed to create new HMAC key";
- }
-
- // Sign something.
- params.clear();
- params.push_back(algo);
- params.push_back(digest);
- params.push_back(purposeSign);
-
- KeyParameter mac_length;
- mac_length.tag = Tag::MAC_LENGTH;
- mac_length.value = KeyParameterValue::make<KeyParameterValue::integer>(256);
- params.push_back(mac_length);
-
- CreateOperationResponse opResponse;
- status = securityLevel->createOperation(descriptor, params, false, &opResponse);
- if (!status.isOk()) {
- return Error() << "Failed to create keystore signing operation: "
- << status.getServiceSpecificError();
- }
- auto operation = opResponse.iOperation;
-
- std::string message = "This is the message to sign";
- std::optional<std::vector<uint8_t>> out;
- status = operation->update({message.begin(), message.end()}, &out);
- if (!status.isOk()) {
- return Error() << "Failed to call keystore update operation.";
- }
-
- std::optional<std::vector<uint8_t>> signature;
- status = operation->finish({}, {}, &signature);
- if (!status.isOk()) {
- return Error() << "Failed to call keystore finish operation.";
- }
-
- if (!signature.has_value()) {
- return Error() << "Didn't receive a signature from keystore finish operation.";
- }
-
- // Verify the signature.
- params.clear();
- params.push_back(algo);
- params.push_back(digest);
- params.push_back(purposeVerify);
-
- status = securityLevel->createOperation(descriptor, params, false, &opResponse);
- if (!status.isOk()) {
- return Error() << "Failed to create keystore verification operation: "
- << status.getServiceSpecificError();
- }
- operation = opResponse.iOperation;
-
- status = operation->update({message.begin(), message.end()}, &out);
- if (!status.isOk()) {
- return Error() << "Failed to call keystore update operation.";
- }
-
- std::optional<std::vector<uint8_t>> out_signature;
- status = operation->finish({}, signature.value(), &out_signature);
- if (!status.isOk()) {
- return Error() << "Failed to call keystore finish operation.";
- }
-
- return {};
-}
-
template <typename T>
Result<T> report_test(std::string name, Result<T> result) {
auto property = "debug.microdroid.test." + name;
@@ -283,7 +138,6 @@
report_test("extra_apk", verify_apk());
__system_property_set("debug.microdroid.app.run", "true");
- if (!report_test("keystore", test_keystore()).ok()) return 1;
if (auto res = start_test_service(); res.ok()) {
return 0;