Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / 4d48337ffd8e63cd011560ca7fe8fda7a9ae197b^! / . / keystore2 / tests / Android.bp
commit4d48337ffd8e63cd011560ca7fe8fda7a9ae197b[log] [tgz]
authorRajesh Nyamagoud <nyamagoud@google.com>Wed Feb 09 01:38:23 2022 +0000
committerRajesh Nyamagoud <nyamagoud@google.com>Thu Oct 20 16:09:02 2022 +0000
treeb76db4028661e5b32ba424b66047d15447e13505
parentfd317c72d9fde813458363ec0554097879b7948b [diff] [blame]
Added tests using attest keys for signing RSA and EC keys.

- Generate EC/RSA attestation keys and use it for signing RSA and EC
  keys. Test should be able to use the attest keys for signing the
  generated keys successfully.

- Generate EC-CURVE_25519 attestation key and use it for signing RSA
  key. Test should be able to generate RSA key with EC-CURVE_25519 key
  as attestation key.

- Generate an asymmetric key which doesn't possess ATTEST_KEY purpose.
  Use this key for attesting asymmetric key. It should fail to generate
  key with incompatible purpose error.

- Generate a symmetric key. Try to use this symmetric key as attestation
  key while generating asymmetric key. It should fail to generate a key
  with system error.

- Try to generate symmetric key with valid attestation key,
  attstation-challenge and attestation-app-id. Test should generate a
  key without attestation record.

- Try to generate RSA/EC attestation keys with multiple purpose. Test
  should fail to generate keys with incompatible purpose error code.

- Generate an attestation key and try to use it for signing a key
  without providing attestation challenge. Test should fail with missing
  attestation challenge error.

Note: These tests are executed on devices where
`android.hardware.keystore.app_attest_key` feature is enabled, otherwise
tests are skipped.

Bug: 194359114
Test: atest keystore2_client_test
Change-Id: I4228dc5fe5e207995472c3425d5f2696ef95249f

diff --git a/keystore2/tests/Android.bp b/keystore2/tests/Android.bp
index e5d78e4..8194100 100644
--- a/keystore2/tests/Android.bp
+++ b/keystore2/tests/Android.bp

@@ -36,6 +36,7 @@
     rustlibs: [
         "librustutils",
         "libkeystore2_test_utils",
+	"packagemanager_aidl-rust",
         "libnix",
         "libanyhow",
         "libbinder_rs",
@@ -43,6 +44,39 @@
         "liblibc",
         "libserde",
         "libthiserror",
+	"libcxx",
+    ],
+    static_libs: [
+        "libkeystore2_ffi_test_utils",
+        "libgtest",
+        "libkeymint_vts_test_utils",
+    ],
+    shared_libs: [
+        "libcrypto",
     ],
     require_root: true,
 }
+
+cc_library_static {
+    name: "libkeystore2_ffi_test_utils",
+    srcs: ["ffi_test_utils.cpp"],
+    defaults: [
+        "keymint_vts_defaults",
+        "hidl_defaults",
+    ],
+    generated_headers: [
+        "cxx-bridge-header",
+    ],
+    generated_sources: ["libkeystore2_ffi_test_utils_bridge_code"],
+    static_libs: [
+        "libkeymint_vts_test_utils",
+    ],
+}
+
+genrule {
+    name: "libkeystore2_ffi_test_utils_bridge_code",
+    tools: ["cxxbridge"],
+    cmd: "$(location cxxbridge) $(in) >> $(out)",
+    srcs: ["keystore2_client_attest_key_tests.rs"],
+    out: ["libkeystore2_test_utils_cxx_generated.cc"],
+}