
Commit 087ead16 authored by David Drysdale

AuthGraph VTS: detect additional errors

A failure to get the IAuthGraphKeyExchange/nonsecure instance might
be because it's not registered (likely on most non-Cuttlefish devices)
or it might be for some other reason, such as SELinux denial.

So detect other kinds of failure to get the service, and also change
the VTS to require root so SELinux denials don't happen.

Also tweak the expected return code when a source is given a corrupt
key; now that replay protection is implemented, the reference
implementation rejects this earlier (and with a different error)
because the session lookup fails.

Test: VtsAidlAuthGraphRoleTest
Bug: 291228560
Change-Id: I032600ac809f43a3642fa9ef9aae788d3ca2378f
parent 3fb1cdda
+1 −0
@@ -50,6 +50,7 @@ cc_test {
rust_test {
    name: "VtsAidlAuthGraphRoleTest",
    srcs: ["role_test.rs"],
    require_root: true,
    test_suites: [
        "general-tests",
        "vts",
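
Review bot: `require_root: true` on VtsAidlAuthGraphRoleTest carries no comment saying why the test needs root. The commit message gives the reason (avoiding SELinux denials when fetching the /nonsecure instance), but a reader of the build file will not see it. A one-line comment above the property would keep the requirement from being dropped later as unnecessary.
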
+6 −1
@@ -22,13 +22,18 @@ use authgraph_vts_test as vts;
use android_hardware_security_authgraph::aidl::android::hardware::security::authgraph::{
    IAuthGraphKeyExchange::IAuthGraphKeyExchange,
};
use binder::StatusCode;

const AUTH_GRAPH_NONSECURE: &str =
    "android.hardware.security.authgraph.IAuthGraphKeyExchange/nonsecure";

/// Retrieve the /nonsecure instance of AuthGraph, which supports both sink and source roles.
fn get_nonsecure() -> Option<binder::Strong<dyn IAuthGraphKeyExchange>> {
    binder::get_interface(AUTH_GRAPH_NONSECURE).ok()
    match binder::get_interface(AUTH_GRAPH_NONSECURE) {
        Ok(ag) => Some(ag),
        Err(StatusCode::NAME_NOT_FOUND) => None,
        Err(e) => panic!("failed to get AuthGraph/nonsecure: {e:?}"),
    }
}

/// Macro to require availability of a /nonsecure instance of AuthGraph.
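
Review bot: the doc comment on `get_nonsecure()` still describes only retrieval, but the function now panics on any error other than `StatusCode::NAME_NOT_FOUND`. Please document that `None` means the instance is not registered and that every other failure aborts the test, so users of the macro that follows know which case yields `None`.
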
+8 −4
@@ -250,9 +250,13 @@ pub fn test_corrupt_key(
        &corrupt_key,
    );

    let err = result.expect_err("expect failure with corrupt signature");
    assert_eq!(
        err,
        binder::Status::new_service_specific_error(Error::INVALID_PRIV_KEY_ARC_IN_KEY.0, None)
    let err = result.expect_err("expect failure with corrupt key");
    assert!(
        err == binder::Status::new_service_specific_error(Error::INVALID_KE_KEY.0, None)
            || err
                == binder::Status::new_service_specific_error(
                    Error::INVALID_PRIV_KEY_ARC_IN_KEY.0,
                    None
                )
    );
}
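
Review bot: the new `assert!` in `test_corrupt_key` has no message, so unlike the previous `assert_eq!` a failure will not show the actual `err` value. Add a format argument such as `"unexpected error: {err:?}"`, and consider a short comment next to the assertion saying why both `INVALID_KE_KEY` and `INVALID_PRIV_KEY_ARC_IN_KEY` are accepted, since that reasoning currently lives only in the commit message.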