Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 377885e1 authored by Chad Brubaker's avatar Chad Brubaker Committed by Gerrit Code Review
Browse files

Merge "Mark all test keys as no auth required"

parents b292e49b ce7ad24b

keystore/tests/src/android/security/KeyStoreTest.java

+32 −0
Original line number Diff line number Diff line
@@ -712,6 +712,7 @@ public class KeyStoreTest extends ActivityUnitTestCase<Activity> { 
        args.addInt(KeymasterDefs.KM_TAG_PURPOSE, KeymasterDefs.KM_PURPOSE_DECRYPT);

        args.addInt(KeymasterDefs.KM_TAG_ALGORITHM, KeymasterDefs.KM_ALGORITHM_RSA);

        args.addInt(KeymasterDefs.KM_TAG_PADDING, KeymasterDefs.KM_PAD_NONE);

        args.addBoolean(KeymasterDefs.KM_TAG_NO_AUTH_REQUIRED);

        args.addInt(KeymasterDefs.KM_TAG_KEY_SIZE, 2048);

        args.addLong(KeymasterDefs.KM_TAG_RSA_PUBLIC_EXPONENT,

                RSAKeyGenParameterSpec.F4.longValue());
@@ -735,6 +736,7 @@ public class KeyStoreTest extends ActivityUnitTestCase<Activity> { 
        args.addInt(KeymasterDefs.KM_TAG_PURPOSE, KeymasterDefs.KM_PURPOSE_DECRYPT);

        args.addInt(KeymasterDefs.KM_TAG_ALGORITHM, KeymasterDefs.KM_ALGORITHM_RSA);

        args.addInt(KeymasterDefs.KM_TAG_PADDING, KeymasterDefs.KM_PAD_NONE);

        args.addBoolean(KeymasterDefs.KM_TAG_NO_AUTH_REQUIRED);

        args.addInt(KeymasterDefs.KM_TAG_KEY_SIZE, 2048);

        args.addLong(KeymasterDefs.KM_TAG_RSA_PUBLIC_EXPONENT,

                RSAKeyGenParameterSpec.F4.longValue());
@@ -769,6 +771,7 @@ public class KeyStoreTest extends ActivityUnitTestCase<Activity> { 
        args.addInt(KeymasterDefs.KM_TAG_PADDING, KeymasterDefs.KM_PAD_NONE);

        args.addInt(KeymasterDefs.KM_TAG_KEY_SIZE, 2048);

        args.addInt(KeymasterDefs.KM_TAG_BLOCK_MODE, KeymasterDefs.KM_MODE_ECB);

        args.addBoolean(KeymasterDefs.KM_TAG_NO_AUTH_REQUIRED);

        args.addBlob(KeymasterDefs.KM_TAG_APPLICATION_ID, id);

        args.addLong(KeymasterDefs.KM_TAG_RSA_PUBLIC_EXPONENT,

                RSAKeyGenParameterSpec.F4.longValue());
@@ -806,6 +809,7 @@ public class KeyStoreTest extends ActivityUnitTestCase<Activity> { 
        args.addInt(KeymasterDefs.KM_TAG_BLOCK_MODE, KeymasterDefs.KM_MODE_OCB);

        args.addInt(KeymasterDefs.KM_TAG_CHUNK_LENGTH, 4096);

        args.addInt(KeymasterDefs.KM_TAG_MAC_LENGTH, 16);

        args.addBoolean(KeymasterDefs.KM_TAG_NO_AUTH_REQUIRED);



        KeyCharacteristics outCharacteristics = new KeyCharacteristics();

        int rc = mKeyStore.generateKey(name, args, null, 0, outCharacteristics);
@@ -838,6 +842,7 @@ public class KeyStoreTest extends ActivityUnitTestCase<Activity> { 
        args.addInt(KeymasterDefs.KM_TAG_PADDING, KeymasterDefs.KM_PAD_NONE);

        args.addInt(KeymasterDefs.KM_TAG_BLOCK_MODE, mode);

        args.addInt(KeymasterDefs.KM_TAG_KEY_SIZE, size);

        args.addBoolean(KeymasterDefs.KM_TAG_NO_AUTH_REQUIRED);

        return mKeyStore.importKey(name, args, KeymasterDefs.KM_KEY_FORMAT_RAW, key, 0,

                new KeyCharacteristics());

    }
@@ -901,6 +906,7 @@ public class KeyStoreTest extends ActivityUnitTestCase<Activity> { 
        args.addInt(KeymasterDefs.KM_TAG_BLOCK_MODE, KeymasterDefs.KM_MODE_OCB);

        args.addInt(KeymasterDefs.KM_TAG_CHUNK_LENGTH, 4096);

        args.addInt(KeymasterDefs.KM_TAG_MAC_LENGTH, 16);

        args.addBoolean(KeymasterDefs.KM_TAG_NO_AUTH_REQUIRED);



        KeyCharacteristics outCharacteristics = new KeyCharacteristics();

        int rc = mKeyStore.generateKey(name, args, null, 0, outCharacteristics);
@@ -922,4 +928,30 @@ public class KeyStoreTest extends ActivityUnitTestCase<Activity> { 
        assertEquals("Operation should be pruned", KeymasterDefs.KM_ERROR_INVALID_OPERATION_HANDLE,

                mKeyStore.update(first, null, new byte[] {0x01}).resultCode);

    }



    public void testAuthNeeded() throws Exception {

        String name = "test";

        KeymasterArguments args = new KeymasterArguments();

        args.addInt(KeymasterDefs.KM_TAG_PURPOSE, KeymasterDefs.KM_PURPOSE_ENCRYPT);

        args.addInt(KeymasterDefs.KM_TAG_PURPOSE, KeymasterDefs.KM_PURPOSE_DECRYPT);

        args.addInt(KeymasterDefs.KM_TAG_ALGORITHM, KeymasterDefs.KM_ALGORITHM_AES);

        args.addInt(KeymasterDefs.KM_TAG_PADDING, KeymasterDefs.KM_PAD_NONE);

        args.addInt(KeymasterDefs.KM_TAG_KEY_SIZE, 256);

        args.addInt(KeymasterDefs.KM_TAG_BLOCK_MODE, KeymasterDefs.KM_MODE_OCB);

        args.addInt(KeymasterDefs.KM_TAG_CHUNK_LENGTH, 4096);

        args.addInt(KeymasterDefs.KM_TAG_MAC_LENGTH, 16);

        args.addInt(KeymasterDefs.KM_TAG_USER_AUTH_TYPE, 1);



        KeyCharacteristics outCharacteristics = new KeyCharacteristics();

        int rc = mKeyStore.generateKey(name, args, null, 0, outCharacteristics);

        KeymasterArguments out = new KeymasterArguments();

        assertEquals("Generate should succeed", KeyStore.NO_ERROR, rc);

        OperationResult result = mKeyStore.begin(name, KeymasterDefs.KM_PURPOSE_ENCRYPT,

                true, args, null, out);

        assertEquals("Begin should succeed", KeyStore.NO_ERROR, result.resultCode);

        IBinder token = result.token;

        result = mKeyStore.update(token, null, new byte[] {0x01, 0x02, 0x03, 0x04});

        assertEquals("Update should require authorization",

                KeymasterDefs.KM_ERROR_KEY_USER_NOT_AUTHENTICATED, result.resultCode);

    }

}