
Commit 88bacf97 authored by David Drysdale's avatar David Drysdale Committed by Automerger Merge Worker

Merge "KeyMint manual key upgrade tests" am: 3d40abfe

parents b6334415 3d40abfe
+1 −0
@@ -57,6 +57,7 @@ cc_test {
    srcs: [
        "AttestKeyTest.cpp",
        "DeviceUniqueAttestationTest.cpp",
        "KeyBlobUpgradeTest.cpp",
        "KeyMintTest.cpp",
        "SecureElementProvisioningTest.cpp",
    ],
+609 −0

File added.

Preview size limit exceeded, changes collapsed.

+9 −2
@@ -184,6 +184,7 @@ string x509NameToStr(X509_NAME* name) {

bool KeyMintAidlTestBase::arm_deleteAllKeys = false;
bool KeyMintAidlTestBase::dump_Attestations = false;
std::string KeyMintAidlTestBase::keyblob_dir;

uint32_t KeyMintAidlTestBase::boot_patch_level(
        const vector<KeyCharacteristics>& key_characteristics) {
@@ -946,9 +947,15 @@ void KeyMintAidlTestBase::LocalVerifyMessage(const string& message, const string
                                             const AuthorizationSet& params) {
    SCOPED_TRACE("LocalVerifyMessage");

    // Retrieve the public key from the leaf certificate.
    ASSERT_GT(cert_chain_.size(), 0);
    X509_Ptr key_cert(parse_cert_blob(cert_chain_[0].encodedCertificate));
    LocalVerifyMessage(cert_chain_[0].encodedCertificate, message, signature, params);
}

void KeyMintAidlTestBase::LocalVerifyMessage(const vector<uint8_t>& der_cert, const string& message,
                                             const string& signature,
                                             const AuthorizationSet& params) {
    // Retrieve the public key from the leaf certificate.
    X509_Ptr key_cert(parse_cert_blob(der_cert));
    ASSERT_TRUE(key_cert.get());
    EVP_PKEY_Ptr pub_key(X509_get_pubkey(key_cert.get()));
    ASSERT_TRUE(pub_key.get());
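Review bot: The `LocalVerifyMessage(const vector<uint8_t>& der_cert, ...)` overload has no `SCOPED_TRACE` and no comment, so a failure reached through a direct call to it is reported without the trace label that the three-argument wrapper carries. Consider `SCOPED_TRACE("LocalVerifyMessage");` as its first statement, plus a comment such as `// Verifies signature over message with the public key taken from der_cert.`. The visible lines only parse the blob and extract the key, so if the rest of the body (which continues outside the hunk) does no chain validation either, the comment should say that the certificate is trusted as supplied. Because the `ASSERT_*` macros return only from this void helper, direct callers should wrap the call in `ASSERT_NO_FATAL_FAILURE(...)` or check `HasFatalFailure()` afterwards.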
+6 −0
@@ -64,6 +64,10 @@ class KeyMintAidlTestBase : public ::testing::TestWithParam<string> {
    static bool arm_deleteAllKeys;
    static bool dump_Attestations;

    // Directory to store/retrieve keyblobs, using subdirectories named for the
    // KeyMint instance in question (e.g. "./default/", "./strongbox/").
    static std::string keyblob_dir;

    void SetUp() override;
    void TearDown() override {
        if (key_blob_.size()) {
@@ -206,6 +210,8 @@ class KeyMintAidlTestBase : public ::testing::TestWithParam<string> {
                       const string& signature, const AuthorizationSet& params);
    void VerifyMessage(const string& message, const string& signature,
                       const AuthorizationSet& params);
    void LocalVerifyMessage(const vector<uint8_t>& der_cert, const string& message,
                            const string& signature, const AuthorizationSet& params);
    void LocalVerifyMessage(const string& message, const string& signature,
                            const AuthorizationSet& params);
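Review bot: The comment on `keyblob_dir` does not say where the value comes from or what the default means. Elsewhere on this page the member is defined without an initializer and assigned from the `--keyblob_dir` option in `main`, so a line such as `// Set from the --keyblob_dir command-line option; empty when the option is not given.` would complete it. The two `LocalVerifyMessage` declarations are also undocumented; a one-line comment on the `der_cert` overload, saying the signature is checked against the public key in the supplied certificate rather than `cert_chain_[0]`, would tell them apart. The class body starts and ends outside these hunks.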

+9 −0
@@ -8649,6 +8649,15 @@ int main(int argc, char** argv) {
                // interactions.
                aidl::android::hardware::security::keymint::test::check_boot_pl = false;
            }
            if (std::string(argv[i]) == "--keyblob_dir") {
                if (i + 1 >= argc) {
                    std::cerr << "Missing argument for --keyblob_dir\n";
                    return 1;
                }
                aidl::android::hardware::security::keymint::test::KeyMintAidlTestBase::keyblob_dir =
                        std::string(argv[i + 1]);
                ++i;
            }
        }
    }
    return RUN_ALL_TESTS();
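Review bot: The `--keyblob_dir` branch stores `argv[i + 1]` as the directory without inspecting it, so an empty string, or the next option when the directory was forgotten, is silently accepted as the path. A guard such as `if (i + 1 >= argc || argv[i + 1][0] == '\0' || argv[i + 1][0] == '-')` with the same error message would catch that; if directory names beginning with `-` must be allowed, test for the `--` prefix only. The consuming test file is collapsed on this page, but since the directory presumably holds keyblobs that a later run reads back and hands to KeyMint, a comment that it should be writable only by the test user would also be worth adding. `main` starts outside the hunk.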