Move large test modules into separate files
This complies better with the Android Rust style guide, and makes it
easier to navigate the code.
Test: keystore2_test libwatchdog_rs.test librkpd_client.test
Change-Id: Iceb49e309af66ec16d31da66b328936b0312061a
diff --git a/keystore2/src/key_parameter.rs b/keystore2/src/key_parameter.rs
index bd45207..466fb50 100644
--- a/keystore2/src/key_parameter.rs
+++ b/keystore2/src/key_parameter.rs
@@ -111,6 +111,18 @@
use serde::ser::Serializer;
use serde::{Deserialize, Serialize};
+#[cfg(test)]
+mod generated_key_parameter_tests;
+
+#[cfg(test)]
+mod basic_tests;
+
+#[cfg(test)]
+mod storage_tests;
+
+#[cfg(test)]
+mod wire_tests;
+
/// This trait is used to associate a primitive to any type that can be stored inside a
/// KeyParameterValue, especially the AIDL enum types, e.g., keymint::{Algorithm, Digest, ...}.
/// This allows for simplifying the macro rules, e.g., for reading from the SQL database.
@@ -1091,490 +1103,3 @@
Authorization { securityLevel: self.security_level, keyParameter: self.value.into() }
}
}
-
-#[cfg(test)]
-mod generated_key_parameter_tests {
- use super::*;
- use android_hardware_security_keymint::aidl::android::hardware::security::keymint::TagType::TagType;
-
- fn get_field_by_tag_type(tag: Tag) -> KmKeyParameterValue {
- let tag_type = TagType((tag.0 as u32 & 0xF0000000) as i32);
- match tag {
- Tag::ALGORITHM => return KmKeyParameterValue::Algorithm(Default::default()),
- Tag::BLOCK_MODE => return KmKeyParameterValue::BlockMode(Default::default()),
- Tag::PADDING => return KmKeyParameterValue::PaddingMode(Default::default()),
- Tag::DIGEST => return KmKeyParameterValue::Digest(Default::default()),
- Tag::RSA_OAEP_MGF_DIGEST => return KmKeyParameterValue::Digest(Default::default()),
- Tag::EC_CURVE => return KmKeyParameterValue::EcCurve(Default::default()),
- Tag::ORIGIN => return KmKeyParameterValue::Origin(Default::default()),
- Tag::PURPOSE => return KmKeyParameterValue::KeyPurpose(Default::default()),
- Tag::USER_AUTH_TYPE => {
- return KmKeyParameterValue::HardwareAuthenticatorType(Default::default())
- }
- Tag::HARDWARE_TYPE => return KmKeyParameterValue::SecurityLevel(Default::default()),
- _ => {}
- }
- match tag_type {
- TagType::INVALID => return KmKeyParameterValue::Invalid(Default::default()),
- TagType::ENUM | TagType::ENUM_REP => {}
- TagType::UINT | TagType::UINT_REP => {
- return KmKeyParameterValue::Integer(Default::default())
- }
- TagType::ULONG | TagType::ULONG_REP => {
- return KmKeyParameterValue::LongInteger(Default::default())
- }
- TagType::DATE => return KmKeyParameterValue::DateTime(Default::default()),
- TagType::BOOL => return KmKeyParameterValue::BoolValue(Default::default()),
- TagType::BIGNUM | TagType::BYTES => {
- return KmKeyParameterValue::Blob(Default::default())
- }
- _ => {}
- }
- panic!("Unknown tag/tag_type: {:?} {:?}", tag, tag_type);
- }
-
- fn check_field_matches_tag_type(list_o_parameters: &[KmKeyParameter]) {
- for kp in list_o_parameters.iter() {
- match (&kp.value, get_field_by_tag_type(kp.tag)) {
- (&KmKeyParameterValue::Algorithm(_), KmKeyParameterValue::Algorithm(_))
- | (&KmKeyParameterValue::BlockMode(_), KmKeyParameterValue::BlockMode(_))
- | (&KmKeyParameterValue::PaddingMode(_), KmKeyParameterValue::PaddingMode(_))
- | (&KmKeyParameterValue::Digest(_), KmKeyParameterValue::Digest(_))
- | (&KmKeyParameterValue::EcCurve(_), KmKeyParameterValue::EcCurve(_))
- | (&KmKeyParameterValue::Origin(_), KmKeyParameterValue::Origin(_))
- | (&KmKeyParameterValue::KeyPurpose(_), KmKeyParameterValue::KeyPurpose(_))
- | (
- &KmKeyParameterValue::HardwareAuthenticatorType(_),
- KmKeyParameterValue::HardwareAuthenticatorType(_),
- )
- | (&KmKeyParameterValue::SecurityLevel(_), KmKeyParameterValue::SecurityLevel(_))
- | (&KmKeyParameterValue::Invalid(_), KmKeyParameterValue::Invalid(_))
- | (&KmKeyParameterValue::Integer(_), KmKeyParameterValue::Integer(_))
- | (&KmKeyParameterValue::LongInteger(_), KmKeyParameterValue::LongInteger(_))
- | (&KmKeyParameterValue::DateTime(_), KmKeyParameterValue::DateTime(_))
- | (&KmKeyParameterValue::BoolValue(_), KmKeyParameterValue::BoolValue(_))
- | (&KmKeyParameterValue::Blob(_), KmKeyParameterValue::Blob(_)) => {}
- (actual, expected) => panic!(
- "Tag {:?} associated with variant {:?} expected {:?}",
- kp.tag, actual, expected
- ),
- }
- }
- }
-
- #[test]
- fn key_parameter_value_field_matches_tag_type() {
- check_field_matches_tag_type(&KeyParameterValue::make_field_matches_tag_type_test_vector());
- }
-
- #[test]
- fn key_parameter_serialization_test() {
- let params = KeyParameterValue::make_key_parameter_defaults_vector();
- let mut out_buffer: Vec<u8> = Default::default();
- serde_cbor::to_writer(&mut out_buffer, ¶ms)
- .expect("Failed to serialize key parameters.");
- let deserialized_params: Vec<KeyParameter> =
- serde_cbor::from_reader(&mut out_buffer.as_slice())
- .expect("Failed to deserialize key parameters.");
- assert_eq!(params, deserialized_params);
- }
-}
-
-#[cfg(test)]
-mod basic_tests {
- use crate::key_parameter::*;
-
- // Test basic functionality of KeyParameter.
- #[test]
- fn test_key_parameter() {
- let key_parameter = KeyParameter::new(
- KeyParameterValue::Algorithm(Algorithm::RSA),
- SecurityLevel::STRONGBOX,
- );
-
- assert_eq!(key_parameter.get_tag(), Tag::ALGORITHM);
-
- assert_eq!(
- *key_parameter.key_parameter_value(),
- KeyParameterValue::Algorithm(Algorithm::RSA)
- );
-
- assert_eq!(*key_parameter.security_level(), SecurityLevel::STRONGBOX);
- }
-}
-
-/// The storage_tests module first tests the 'new_from_sql' method for KeyParameters of different
-/// data types and then tests 'to_sql' method for KeyParameters of those
-/// different data types. The five different data types for KeyParameter values are:
-/// i) enums of u32
-/// ii) u32
-/// iii) u64
-/// iv) Vec<u8>
-/// v) bool
-#[cfg(test)]
-mod storage_tests {
- use crate::error::*;
- use crate::key_parameter::*;
- use anyhow::Result;
- use rusqlite::types::ToSql;
- use rusqlite::{params, Connection};
-
- /// Test initializing a KeyParameter (with key parameter value corresponding to an enum of i32)
- /// from a database table row.
- #[test]
- fn test_new_from_sql_enum_i32() -> Result<()> {
- let db = init_db()?;
- insert_into_keyparameter(
- &db,
- 1,
- Tag::ALGORITHM.0,
- &Algorithm::RSA.0,
- SecurityLevel::STRONGBOX.0,
- )?;
- let key_param = query_from_keyparameter(&db)?;
- assert_eq!(Tag::ALGORITHM, key_param.get_tag());
- assert_eq!(*key_param.key_parameter_value(), KeyParameterValue::Algorithm(Algorithm::RSA));
- assert_eq!(*key_param.security_level(), SecurityLevel::STRONGBOX);
- Ok(())
- }
-
- /// Test initializing a KeyParameter (with key parameter value which is of i32)
- /// from a database table row.
- #[test]
- fn test_new_from_sql_i32() -> Result<()> {
- let db = init_db()?;
- insert_into_keyparameter(&db, 1, Tag::KEY_SIZE.0, &1024, SecurityLevel::STRONGBOX.0)?;
- let key_param = query_from_keyparameter(&db)?;
- assert_eq!(Tag::KEY_SIZE, key_param.get_tag());
- assert_eq!(*key_param.key_parameter_value(), KeyParameterValue::KeySize(1024));
- Ok(())
- }
-
- /// Test initializing a KeyParameter (with key parameter value which is of i64)
- /// from a database table row.
- #[test]
- fn test_new_from_sql_i64() -> Result<()> {
- let db = init_db()?;
- // max value for i64, just to test corner cases
- insert_into_keyparameter(
- &db,
- 1,
- Tag::RSA_PUBLIC_EXPONENT.0,
- &(i64::MAX),
- SecurityLevel::STRONGBOX.0,
- )?;
- let key_param = query_from_keyparameter(&db)?;
- assert_eq!(Tag::RSA_PUBLIC_EXPONENT, key_param.get_tag());
- assert_eq!(
- *key_param.key_parameter_value(),
- KeyParameterValue::RSAPublicExponent(i64::MAX)
- );
- Ok(())
- }
-
- /// Test initializing a KeyParameter (with key parameter value which is of bool)
- /// from a database table row.
- #[test]
- fn test_new_from_sql_bool() -> Result<()> {
- let db = init_db()?;
- insert_into_keyparameter(&db, 1, Tag::CALLER_NONCE.0, &Null, SecurityLevel::STRONGBOX.0)?;
- let key_param = query_from_keyparameter(&db)?;
- assert_eq!(Tag::CALLER_NONCE, key_param.get_tag());
- assert_eq!(*key_param.key_parameter_value(), KeyParameterValue::CallerNonce);
- Ok(())
- }
-
- /// Test initializing a KeyParameter (with key parameter value which is of Vec<u8>)
- /// from a database table row.
- #[test]
- fn test_new_from_sql_vec_u8() -> Result<()> {
- let db = init_db()?;
- let app_id = String::from("MyAppID");
- let app_id_bytes = app_id.into_bytes();
- insert_into_keyparameter(
- &db,
- 1,
- Tag::APPLICATION_ID.0,
- &app_id_bytes,
- SecurityLevel::STRONGBOX.0,
- )?;
- let key_param = query_from_keyparameter(&db)?;
- assert_eq!(Tag::APPLICATION_ID, key_param.get_tag());
- assert_eq!(
- *key_param.key_parameter_value(),
- KeyParameterValue::ApplicationID(app_id_bytes)
- );
- Ok(())
- }
-
- /// Test storing a KeyParameter (with key parameter value which corresponds to an enum of i32)
- /// in the database
- #[test]
- fn test_to_sql_enum_i32() -> Result<()> {
- let db = init_db()?;
- let kp = KeyParameter::new(
- KeyParameterValue::Algorithm(Algorithm::RSA),
- SecurityLevel::STRONGBOX,
- );
- store_keyparameter(&db, 1, &kp)?;
- let key_param = query_from_keyparameter(&db)?;
- assert_eq!(kp.get_tag(), key_param.get_tag());
- assert_eq!(kp.key_parameter_value(), key_param.key_parameter_value());
- assert_eq!(kp.security_level(), key_param.security_level());
- Ok(())
- }
-
- /// Test storing a KeyParameter (with key parameter value which is of i32) in the database
- #[test]
- fn test_to_sql_i32() -> Result<()> {
- let db = init_db()?;
- let kp = KeyParameter::new(KeyParameterValue::KeySize(1024), SecurityLevel::STRONGBOX);
- store_keyparameter(&db, 1, &kp)?;
- let key_param = query_from_keyparameter(&db)?;
- assert_eq!(kp.get_tag(), key_param.get_tag());
- assert_eq!(kp.key_parameter_value(), key_param.key_parameter_value());
- assert_eq!(kp.security_level(), key_param.security_level());
- Ok(())
- }
-
- /// Test storing a KeyParameter (with key parameter value which is of i64) in the database
- #[test]
- fn test_to_sql_i64() -> Result<()> {
- let db = init_db()?;
- // max value for i64, just to test corner cases
- let kp = KeyParameter::new(
- KeyParameterValue::RSAPublicExponent(i64::MAX),
- SecurityLevel::STRONGBOX,
- );
- store_keyparameter(&db, 1, &kp)?;
- let key_param = query_from_keyparameter(&db)?;
- assert_eq!(kp.get_tag(), key_param.get_tag());
- assert_eq!(kp.key_parameter_value(), key_param.key_parameter_value());
- assert_eq!(kp.security_level(), key_param.security_level());
- Ok(())
- }
-
- /// Test storing a KeyParameter (with key parameter value which is of Vec<u8>) in the database
- #[test]
- fn test_to_sql_vec_u8() -> Result<()> {
- let db = init_db()?;
- let kp = KeyParameter::new(
- KeyParameterValue::ApplicationID(String::from("MyAppID").into_bytes()),
- SecurityLevel::STRONGBOX,
- );
- store_keyparameter(&db, 1, &kp)?;
- let key_param = query_from_keyparameter(&db)?;
- assert_eq!(kp.get_tag(), key_param.get_tag());
- assert_eq!(kp.key_parameter_value(), key_param.key_parameter_value());
- assert_eq!(kp.security_level(), key_param.security_level());
- Ok(())
- }
-
- /// Test storing a KeyParameter (with key parameter value which is of i32) in the database
- #[test]
- fn test_to_sql_bool() -> Result<()> {
- let db = init_db()?;
- let kp = KeyParameter::new(KeyParameterValue::CallerNonce, SecurityLevel::STRONGBOX);
- store_keyparameter(&db, 1, &kp)?;
- let key_param = query_from_keyparameter(&db)?;
- assert_eq!(kp.get_tag(), key_param.get_tag());
- assert_eq!(kp.key_parameter_value(), key_param.key_parameter_value());
- assert_eq!(kp.security_level(), key_param.security_level());
- Ok(())
- }
-
- #[test]
- /// Test Tag::Invalid
- fn test_invalid_tag() -> Result<()> {
- let db = init_db()?;
- insert_into_keyparameter(&db, 1, 0, &123, 1)?;
- let key_param = query_from_keyparameter(&db)?;
- assert_eq!(Tag::INVALID, key_param.get_tag());
- Ok(())
- }
-
- #[test]
- fn test_non_existing_enum_variant() -> Result<()> {
- let db = init_db()?;
- insert_into_keyparameter(&db, 1, 100, &123, 1)?;
- let key_param = query_from_keyparameter(&db)?;
- assert_eq!(Tag::INVALID, key_param.get_tag());
- Ok(())
- }
-
- #[test]
- fn test_invalid_conversion_from_sql() -> Result<()> {
- let db = init_db()?;
- insert_into_keyparameter(&db, 1, Tag::ALGORITHM.0, &Null, 1)?;
- tests::check_result_contains_error_string(
- query_from_keyparameter(&db),
- "Failed to read sql data for tag: ALGORITHM.",
- );
- Ok(())
- }
-
- /// Helper method to init database table for key parameter
- fn init_db() -> Result<Connection> {
- let db = Connection::open_in_memory().context("Failed to initialize sqlite connection.")?;
- db.execute("ATTACH DATABASE ? as 'persistent';", params![""])
- .context("Failed to attach databases.")?;
- db.execute(
- "CREATE TABLE IF NOT EXISTS persistent.keyparameter (
- keyentryid INTEGER,
- tag INTEGER,
- data ANY,
- security_level INTEGER);",
- [],
- )
- .context("Failed to initialize \"keyparameter\" table.")?;
- Ok(db)
- }
-
- /// Helper method to insert an entry into key parameter table, with individual parameters
- fn insert_into_keyparameter<T: ToSql>(
- db: &Connection,
- key_id: i64,
- tag: i32,
- value: &T,
- security_level: i32,
- ) -> Result<()> {
- db.execute(
- "INSERT into persistent.keyparameter (keyentryid, tag, data, security_level)
- VALUES(?, ?, ?, ?);",
- params![key_id, tag, *value, security_level],
- )?;
- Ok(())
- }
-
- /// Helper method to store a key parameter instance.
- fn store_keyparameter(db: &Connection, key_id: i64, kp: &KeyParameter) -> Result<()> {
- db.execute(
- "INSERT into persistent.keyparameter (keyentryid, tag, data, security_level)
- VALUES(?, ?, ?, ?);",
- params![key_id, kp.get_tag().0, kp.key_parameter_value(), kp.security_level().0],
- )?;
- Ok(())
- }
-
- /// Helper method to query a row from keyparameter table
- fn query_from_keyparameter(db: &Connection) -> Result<KeyParameter> {
- let mut stmt =
- db.prepare("SELECT tag, data, security_level FROM persistent.keyparameter")?;
- let mut rows = stmt.query([])?;
- let row = rows.next()?.unwrap();
- KeyParameter::new_from_sql(
- Tag(row.get(0)?),
- &SqlField::new(1, row),
- SecurityLevel(row.get(2)?),
- )
- }
-}
-
-/// The wire_tests module tests the 'convert_to_wire' and 'convert_from_wire' methods for
-/// KeyParameter, for the four different types used in KmKeyParameter, in addition to Invalid
-/// key parameter.
-/// i) bool
-/// ii) integer
-/// iii) longInteger
-/// iv) blob
-#[cfg(test)]
-mod wire_tests {
- use crate::key_parameter::*;
- /// unit tests for to conversions
- #[test]
- fn test_convert_to_wire_invalid() {
- let kp = KeyParameter::new(KeyParameterValue::Invalid, SecurityLevel::STRONGBOX);
- assert_eq!(
- KmKeyParameter { tag: Tag::INVALID, value: KmKeyParameterValue::Invalid(0) },
- kp.value.into()
- );
- }
- #[test]
- fn test_convert_to_wire_bool() {
- let kp = KeyParameter::new(KeyParameterValue::CallerNonce, SecurityLevel::STRONGBOX);
- assert_eq!(
- KmKeyParameter { tag: Tag::CALLER_NONCE, value: KmKeyParameterValue::BoolValue(true) },
- kp.value.into()
- );
- }
- #[test]
- fn test_convert_to_wire_integer() {
- let kp = KeyParameter::new(
- KeyParameterValue::KeyPurpose(KeyPurpose::ENCRYPT),
- SecurityLevel::STRONGBOX,
- );
- assert_eq!(
- KmKeyParameter {
- tag: Tag::PURPOSE,
- value: KmKeyParameterValue::KeyPurpose(KeyPurpose::ENCRYPT)
- },
- kp.value.into()
- );
- }
- #[test]
- fn test_convert_to_wire_long_integer() {
- let kp =
- KeyParameter::new(KeyParameterValue::UserSecureID(i64::MAX), SecurityLevel::STRONGBOX);
- assert_eq!(
- KmKeyParameter {
- tag: Tag::USER_SECURE_ID,
- value: KmKeyParameterValue::LongInteger(i64::MAX)
- },
- kp.value.into()
- );
- }
- #[test]
- fn test_convert_to_wire_blob() {
- let kp = KeyParameter::new(
- KeyParameterValue::ConfirmationToken(String::from("ConfirmationToken").into_bytes()),
- SecurityLevel::STRONGBOX,
- );
- assert_eq!(
- KmKeyParameter {
- tag: Tag::CONFIRMATION_TOKEN,
- value: KmKeyParameterValue::Blob(String::from("ConfirmationToken").into_bytes())
- },
- kp.value.into()
- );
- }
-
- /// unit tests for from conversion
- #[test]
- fn test_convert_from_wire_invalid() {
- let aidl_kp = KmKeyParameter { tag: Tag::INVALID, ..Default::default() };
- assert_eq!(KeyParameterValue::Invalid, aidl_kp.into());
- }
- #[test]
- fn test_convert_from_wire_bool() {
- let aidl_kp =
- KmKeyParameter { tag: Tag::CALLER_NONCE, value: KmKeyParameterValue::BoolValue(true) };
- assert_eq!(KeyParameterValue::CallerNonce, aidl_kp.into());
- }
- #[test]
- fn test_convert_from_wire_integer() {
- let aidl_kp = KmKeyParameter {
- tag: Tag::PURPOSE,
- value: KmKeyParameterValue::KeyPurpose(KeyPurpose::ENCRYPT),
- };
- assert_eq!(KeyParameterValue::KeyPurpose(KeyPurpose::ENCRYPT), aidl_kp.into());
- }
- #[test]
- fn test_convert_from_wire_long_integer() {
- let aidl_kp = KmKeyParameter {
- tag: Tag::USER_SECURE_ID,
- value: KmKeyParameterValue::LongInteger(i64::MAX),
- };
- assert_eq!(KeyParameterValue::UserSecureID(i64::MAX), aidl_kp.into());
- }
- #[test]
- fn test_convert_from_wire_blob() {
- let aidl_kp = KmKeyParameter {
- tag: Tag::CONFIRMATION_TOKEN,
- value: KmKeyParameterValue::Blob(String::from("ConfirmationToken").into_bytes()),
- };
- assert_eq!(
- KeyParameterValue::ConfirmationToken(String::from("ConfirmationToken").into_bytes()),
- aidl_kp.into()
- );
- }
-}