Split Wifi Keystore HAL tests into smaller pieces

There was originally one test per function, which attempted many
possible error conditions and one success condition. It would be
easier to reason through the tests and maintain them if they
were smaller and each test attempted on thing.

Note that the logic on the "wrong user" tests was reversed; the
HAL expects the user to be the wifi user. The reverse may have
originally worked because the HAL library was run within the test
process.

Bug: 130207625
Test: On an AOSP build:
      make VtsHalWifiKeystoreV1_0TargetTest;
      vts-tradefed run commandAndExit vts -m VtsHalWifiKeystoreV1_0TargetTest

Change-Id: I534b7f66cdb1047a972a4dab708609b15cf287df
Merged-In: I282e151d0b38903578bd9077814c810e44b3b93d

diff --git a/wifi/keystore/1.0/vts/functional/VtsHalWifiKeystoreV1_0TargetTest.cpp b/wifi/keystore/1.0/vts/functional/VtsHalWifiKeystoreV1_0TargetTest.cpp
index a8c1410..53b6dd0 100644 (file)
--- a/wifi/keystore/1.0/vts/functional/VtsHalWifiKeystoreV1_0TargetTest.cpp
+++ b/wifi/keystore/1.0/vts/functional/VtsHalWifiKeystoreV1_0TargetTest.cpp
@@ -63,7 +63,7 @@ class WifiKeystoreHalTest : public Test {
             service_manager->getService(String16(kKeystoreServiceName));
         service = interface_cast<IKeystoreService>(keystore_binder);
 
-        EXPECT_NE(nullptr, service.get());
+        ASSERT_TRUE(service);
 
         resetState();
     }
@@ -206,11 +206,8 @@ class WifiKeystoreHalTest : public Test {
     sp<IKeystoreService> service;
 };
 
-/**
- * Test for the Wifi Keystore HAL's sign() call.
- */
-TEST_F(WifiKeystoreHalTest, Sign) {
-    ::android::system::wifi::keystore::V1_0::IKeystore::KeystoreStatusCode statusCode;
+TEST_F(WifiKeystoreHalTest, Sign_nullptr_key_name) {
+    IKeystore::KeystoreStatusCode statusCode;
 
     auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
                                   const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
@@ -219,57 +216,109 @@ TEST_F(WifiKeystoreHalTest, Sign) {
     };
 
     ::android::hardware::hidl_vec<uint8_t> dataToSign;
-
-    // These attempts do not include an existing key to use
-
+    dataToSign.resize(100);
     keystore->sign(nullptr, dataToSign, callback);
     EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
+}
+
+TEST_F(WifiKeystoreHalTest, Sign_empty_key_name) {
+    IKeystore::KeystoreStatusCode statusCode;
+
+    auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
+                                  const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
+        statusCode = status;
+        return;
+    };
 
+    ::android::hardware::hidl_vec<uint8_t> dataToSign;
+    dataToSign.resize(100);
     keystore->sign("", dataToSign, callback);
     EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
+}
 
-    bool result = generateKey(kTestKeyName, KeyPurpose::SIGNING, UID_SELF);
+TEST_F(WifiKeystoreHalTest, Sign_empty_data) {
+    IKeystore::KeystoreStatusCode statusCode;
+
+    auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
+                                  const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
+        statusCode = status;
+        return;
+    };
+
+    bool result = generateKey(kTestKeyName, KeyPurpose::SIGNING, AID_WIFI);
     EXPECT_EQ(result, true);
 
     // The data to sign is empty, and a failure is expected
-
+    ::android::hardware::hidl_vec<uint8_t> dataToSign;
     keystore->sign(kTestKeyName, dataToSign, callback);
     EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
+}
 
-    // With data the signing attempt should succeed
+TEST_F(WifiKeystoreHalTest, Sign_wrong_key_purpose) {
+    IKeystore::KeystoreStatusCode statusCode;
 
-    dataToSign.resize(100);
-    keystore->sign(kTestKeyName, dataToSign, callback);
-    EXPECT_EQ(IKeystore::KeystoreStatusCode::SUCCESS, statusCode);
+    auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
+                                  const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
+        statusCode = status;
+        return;
+    };
 
     // Create a key which cannot sign; any signing attempt should fail.
-
-    result = deleteKey(kTestKeyName, UID_SELF);
-    EXPECT_EQ(result, true);
-
-    result = generateKey(kTestKeyName, KeyPurpose::ENCRYPTION, UID_SELF);
+    bool result = generateKey(kTestKeyName, KeyPurpose::ENCRYPTION, AID_WIFI);
     EXPECT_EQ(result, true);
 
+    ::android::hardware::hidl_vec<uint8_t> dataToSign;
+    dataToSign.resize(100);
     keystore->sign(kTestKeyName, dataToSign, callback);
     EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
+}
+
+TEST_F(WifiKeystoreHalTest, Sign_wrong_key_type) {
+    IKeystore::KeystoreStatusCode statusCode;
+
+    auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
+                                  const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
+        statusCode = status;
+        return;
+    };
+
+    ::android::hardware::hidl_vec<uint8_t> dataToSign;
 
     // Generate a TYPE_GENERIC key instead of a TYPE_KEYMASTER_10 key.
     // This also cannot be used to sign.
 
-    result = deleteKey(kTestKeyName, UID_SELF);
+    bool result = insert(kTestKeyName, AID_WIFI);
     EXPECT_EQ(result, true);
 
-    result = insert(kTestKeyName, UID_SELF);
+    keystore->sign(kTestKeyName, dataToSign, callback);
+    EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
+}
+
+TEST_F(WifiKeystoreHalTest, Sign_success) {
+    IKeystore::KeystoreStatusCode statusCode;
+
+    auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
+                                  const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
+        statusCode = status;
+        return;
+    };
+
+    ::android::hardware::hidl_vec<uint8_t> dataToSign;
+
+    bool result = generateKey(kTestKeyName, KeyPurpose::SIGNING, AID_WIFI);
     EXPECT_EQ(result, true);
 
+    // With data the signing attempt should succeed
+
+    dataToSign.resize(100);
     keystore->sign(kTestKeyName, dataToSign, callback);
-    EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
+    EXPECT_EQ(IKeystore::KeystoreStatusCode::SUCCESS, statusCode);
+
+    result = deleteKey(kTestKeyName, AID_WIFI);
+    EXPECT_EQ(result, true);
 }
 
-/**
- * Test for the Wifi Keystore HAL's getBlob() call.
- */
-TEST_F(WifiKeystoreHalTest, GetBlob) {
+TEST_F(WifiKeystoreHalTest, GetBlob_null_key_name) {
     IKeystore::KeystoreStatusCode statusCode;
 
     auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
@@ -279,18 +328,49 @@ TEST_F(WifiKeystoreHalTest, GetBlob) {
     };
 
     // Attempting to get a blob on a non-existent key should fail.
-
     statusCode = IKeystore::KeystoreStatusCode::SUCCESS;
     keystore->getBlob(nullptr, callback);
     EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
+}
 
+TEST_F(WifiKeystoreHalTest, GetBlob_empty_key_name) {
+    IKeystore::KeystoreStatusCode statusCode;
+
+    auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
+                                  const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
+        statusCode = status;
+        return;
+    };
+
+    // Attempting to get a blob on a non-existent key should fail.
     statusCode = IKeystore::KeystoreStatusCode::SUCCESS;
     keystore->getBlob("", callback);
     EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
+}
 
+TEST_F(WifiKeystoreHalTest, GetBlob_missing_key) {
+    IKeystore::KeystoreStatusCode statusCode;
+
+    auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
+                                  const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
+        statusCode = status;
+        return;
+    };
+
+    // Attempting to get a blob on a non-existent key should fail.
     statusCode = IKeystore::KeystoreStatusCode::SUCCESS;
     keystore->getBlob(kTestKeyName, callback);
     EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
+}
+
+TEST_F(WifiKeystoreHalTest, GetBlob_wrong_user) {
+    IKeystore::KeystoreStatusCode statusCode;
+
+    auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
+                                  const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
+        statusCode = status;
+        return;
+    };
 
     // The HAL is expecting the key to belong to the wifi user.
     // If the key belongs to another user's space it should fail.
@@ -300,13 +380,20 @@ TEST_F(WifiKeystoreHalTest, GetBlob) {
 
     keystore->getBlob(kTestKeyName, callback);
     EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
+}
 
-    result = deleteKey(kTestKeyName, UID_SELF);
-    EXPECT_EQ(result, true);
+TEST_F(WifiKeystoreHalTest, GetBlob_success) {
+    IKeystore::KeystoreStatusCode statusCode;
+
+    auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
+                                  const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
+        statusCode = status;
+        return;
+    };
 
     // Accessing the key belonging to the wifi user should succeed.
 
-    result = insert(kTestKeyName, AID_WIFI);
+    bool result = insert(kTestKeyName, AID_WIFI);
     EXPECT_EQ(result, true);
 
     keystore->getBlob(kTestKeyName, callback);
@@ -316,10 +403,7 @@ TEST_F(WifiKeystoreHalTest, GetBlob) {
     EXPECT_EQ(result, true);
 }
 
-/**
- * Test for the Wifi Keystore HAL's getPublicKey() call.
- */
-TEST_F(WifiKeystoreHalTest, GetPublicKey) {
+TEST_F(WifiKeystoreHalTest, GetPublicKey_nullptr_key_name) {
     IKeystore::KeystoreStatusCode statusCode;
 
     auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
@@ -329,53 +413,104 @@ TEST_F(WifiKeystoreHalTest, GetPublicKey) {
     };
 
     // Attempting to export a non-existent key should fail.
-
     statusCode = IKeystore::KeystoreStatusCode::SUCCESS;
     keystore->getPublicKey(nullptr, callback);
     EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
+}
 
+TEST_F(WifiKeystoreHalTest, GetPublicKey_empty_key_name) {
+    IKeystore::KeystoreStatusCode statusCode;
+
+    auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
+                                  const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
+        statusCode = status;
+        return;
+    };
+
+    // Attempting to export a non-existent key should fail.
     statusCode = IKeystore::KeystoreStatusCode::SUCCESS;
     keystore->getPublicKey("", callback);
     EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
+}
+
+TEST_F(WifiKeystoreHalTest, GetPublicKey_wrong_key_name) {
+    IKeystore::KeystoreStatusCode statusCode;
+
+    auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
+                                  const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
+        statusCode = status;
+        return;
+    };
 
+    // Attempting to export a non-existent key should fail.
     statusCode = IKeystore::KeystoreStatusCode::SUCCESS;
     keystore->getPublicKey(kTestKeyName, callback);
     EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
+}
+
+TEST_F(WifiKeystoreHalTest, GetPublicKey_wrong_user) {
+    IKeystore::KeystoreStatusCode statusCode;
+
+    auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
+                                  const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
+        statusCode = status;
+        return;
+    };
 
-    // The HAL is expecting the key to belong to the process' user.
-    // If the key belongs to another user's space (e.g. wifi) it should
+    // The HAL is expecting the key to belong to the wifi user.
+    // If the key belongs to another user's space (e.g. root) it should
     // not be accessible and should fail.
 
-    bool result = generateKey(kTestKeyName, KeyPurpose::SIGNING, AID_WIFI);
+    bool result = generateKey(kTestKeyName, KeyPurpose::SIGNING, UID_SELF);
     EXPECT_EQ(result, true);
 
     keystore->getPublicKey(kTestKeyName, callback);
     EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
 
-    result = deleteKey(kTestKeyName, AID_WIFI);
+    result = deleteKey(kTestKeyName, UID_SELF);
     EXPECT_EQ(result, true);
+}
+
+TEST_F(WifiKeystoreHalTest, GetPublicKey_wrong_key_type) {
+    IKeystore::KeystoreStatusCode statusCode;
 
-    // Accessing the key belonging to the process' uid should succeed.
+    auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
+                                  const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
+        statusCode = status;
+        return;
+    };
 
-    result = generateKey(kTestKeyName, KeyPurpose::SIGNING, UID_SELF);
+    // A TYPE_GENERIC key (instead of a TYPE_KEYMASTER_10 key)
+    // should also fail.
+
+    bool result = insert(kTestKeyName, AID_WIFI);
     EXPECT_EQ(result, true);
 
     keystore->getPublicKey(kTestKeyName, callback);
-    EXPECT_EQ(IKeystore::KeystoreStatusCode::SUCCESS, statusCode);
+    EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
 
-    result = deleteKey(kTestKeyName, UID_SELF);
+    result = deleteKey(kTestKeyName, AID_WIFI);
     EXPECT_EQ(result, true);
+}
 
-    // A TYPE_GENERIC key (instead of a TYPE_KEYMASTER_10 key)
-    // should also fail.
+TEST_F(WifiKeystoreHalTest, GetPublicKey_success) {
+    IKeystore::KeystoreStatusCode statusCode;
 
-    result = insert(kTestKeyName, UID_SELF);
+    auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
+                                  const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
+        statusCode = status;
+        return;
+    };
+
+    // Accessing the key belonging to the wifi uid should succeed.
+
+    bool result = generateKey(kTestKeyName, KeyPurpose::SIGNING, AID_WIFI);
     EXPECT_EQ(result, true);
 
     keystore->getPublicKey(kTestKeyName, callback);
-    EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
+    EXPECT_EQ(IKeystore::KeystoreStatusCode::SUCCESS, statusCode);
 
-    result = deleteKey(kTestKeyName, UID_SELF);
+    result = deleteKey(kTestKeyName, AID_WIFI);
     EXPECT_EQ(result, true);
 }