service_manager->getService(String16(kKeystoreServiceName));
service = interface_cast<IKeystoreService>(keystore_binder);
- EXPECT_NE(nullptr, service.get());
+ ASSERT_TRUE(service);
resetState();
}
sp<IKeystoreService> service;
};
-/**
- * Test for the Wifi Keystore HAL's sign() call.
- */
-TEST_F(WifiKeystoreHalTest, Sign) {
- ::android::system::wifi::keystore::V1_0::IKeystore::KeystoreStatusCode statusCode;
+TEST_F(WifiKeystoreHalTest, Sign_nullptr_key_name) {
+ IKeystore::KeystoreStatusCode statusCode;
auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
};
::android::hardware::hidl_vec<uint8_t> dataToSign;
-
- // These attempts do not include an existing key to use
-
+ dataToSign.resize(100);
keystore->sign(nullptr, dataToSign, callback);
EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
+}
+
+TEST_F(WifiKeystoreHalTest, Sign_empty_key_name) {
+ IKeystore::KeystoreStatusCode statusCode;
+
+ auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
+ const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
+ statusCode = status;
+ return;
+ };
+ ::android::hardware::hidl_vec<uint8_t> dataToSign;
+ dataToSign.resize(100);
keystore->sign("", dataToSign, callback);
EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
+}
- bool result = generateKey(kTestKeyName, KeyPurpose::SIGNING, UID_SELF);
+TEST_F(WifiKeystoreHalTest, Sign_empty_data) {
+ IKeystore::KeystoreStatusCode statusCode;
+
+ auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
+ const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
+ statusCode = status;
+ return;
+ };
+
+ bool result = generateKey(kTestKeyName, KeyPurpose::SIGNING, AID_WIFI);
EXPECT_EQ(result, true);
// The data to sign is empty, and a failure is expected
-
+ ::android::hardware::hidl_vec<uint8_t> dataToSign;
keystore->sign(kTestKeyName, dataToSign, callback);
EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
+}
- // With data the signing attempt should succeed
+TEST_F(WifiKeystoreHalTest, Sign_wrong_key_purpose) {
+ IKeystore::KeystoreStatusCode statusCode;
- dataToSign.resize(100);
- keystore->sign(kTestKeyName, dataToSign, callback);
- EXPECT_EQ(IKeystore::KeystoreStatusCode::SUCCESS, statusCode);
+ auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
+ const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
+ statusCode = status;
+ return;
+ };
// Create a key which cannot sign; any signing attempt should fail.
-
- result = deleteKey(kTestKeyName, UID_SELF);
- EXPECT_EQ(result, true);
-
- result = generateKey(kTestKeyName, KeyPurpose::ENCRYPTION, UID_SELF);
+ bool result = generateKey(kTestKeyName, KeyPurpose::ENCRYPTION, AID_WIFI);
EXPECT_EQ(result, true);
+ ::android::hardware::hidl_vec<uint8_t> dataToSign;
+ dataToSign.resize(100);
keystore->sign(kTestKeyName, dataToSign, callback);
EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
+}
+
+TEST_F(WifiKeystoreHalTest, Sign_wrong_key_type) {
+ IKeystore::KeystoreStatusCode statusCode;
+
+ auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
+ const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
+ statusCode = status;
+ return;
+ };
+
+ ::android::hardware::hidl_vec<uint8_t> dataToSign;
// Generate a TYPE_GENERIC key instead of a TYPE_KEYMASTER_10 key.
// This also cannot be used to sign.
- result = deleteKey(kTestKeyName, UID_SELF);
+ bool result = insert(kTestKeyName, AID_WIFI);
EXPECT_EQ(result, true);
- result = insert(kTestKeyName, UID_SELF);
+ keystore->sign(kTestKeyName, dataToSign, callback);
+ EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
+}
+
+TEST_F(WifiKeystoreHalTest, Sign_success) {
+ IKeystore::KeystoreStatusCode statusCode;
+
+ auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
+ const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
+ statusCode = status;
+ return;
+ };
+
+ ::android::hardware::hidl_vec<uint8_t> dataToSign;
+
+ bool result = generateKey(kTestKeyName, KeyPurpose::SIGNING, AID_WIFI);
EXPECT_EQ(result, true);
+ // With data the signing attempt should succeed
+
+ dataToSign.resize(100);
keystore->sign(kTestKeyName, dataToSign, callback);
- EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
+ EXPECT_EQ(IKeystore::KeystoreStatusCode::SUCCESS, statusCode);
+
+ result = deleteKey(kTestKeyName, AID_WIFI);
+ EXPECT_EQ(result, true);
}
-/**
- * Test for the Wifi Keystore HAL's getBlob() call.
- */
-TEST_F(WifiKeystoreHalTest, GetBlob) {
+TEST_F(WifiKeystoreHalTest, GetBlob_null_key_name) {
IKeystore::KeystoreStatusCode statusCode;
auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
};
// Attempting to get a blob on a non-existent key should fail.
-
statusCode = IKeystore::KeystoreStatusCode::SUCCESS;
keystore->getBlob(nullptr, callback);
EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
+}
+TEST_F(WifiKeystoreHalTest, GetBlob_empty_key_name) {
+ IKeystore::KeystoreStatusCode statusCode;
+
+ auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
+ const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
+ statusCode = status;
+ return;
+ };
+
+ // Attempting to get a blob on a non-existent key should fail.
statusCode = IKeystore::KeystoreStatusCode::SUCCESS;
keystore->getBlob("", callback);
EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
+}
+TEST_F(WifiKeystoreHalTest, GetBlob_missing_key) {
+ IKeystore::KeystoreStatusCode statusCode;
+
+ auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
+ const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
+ statusCode = status;
+ return;
+ };
+
+ // Attempting to get a blob on a non-existent key should fail.
statusCode = IKeystore::KeystoreStatusCode::SUCCESS;
keystore->getBlob(kTestKeyName, callback);
EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
+}
+
+TEST_F(WifiKeystoreHalTest, GetBlob_wrong_user) {
+ IKeystore::KeystoreStatusCode statusCode;
+
+ auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
+ const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
+ statusCode = status;
+ return;
+ };
// The HAL is expecting the key to belong to the wifi user.
// If the key belongs to another user's space it should fail.
keystore->getBlob(kTestKeyName, callback);
EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
+}
- result = deleteKey(kTestKeyName, UID_SELF);
- EXPECT_EQ(result, true);
+TEST_F(WifiKeystoreHalTest, GetBlob_success) {
+ IKeystore::KeystoreStatusCode statusCode;
+
+ auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
+ const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
+ statusCode = status;
+ return;
+ };
// Accessing the key belonging to the wifi user should succeed.
- result = insert(kTestKeyName, AID_WIFI);
+ bool result = insert(kTestKeyName, AID_WIFI);
EXPECT_EQ(result, true);
keystore->getBlob(kTestKeyName, callback);
EXPECT_EQ(result, true);
}
-/**
- * Test for the Wifi Keystore HAL's getPublicKey() call.
- */
-TEST_F(WifiKeystoreHalTest, GetPublicKey) {
+TEST_F(WifiKeystoreHalTest, GetPublicKey_nullptr_key_name) {
IKeystore::KeystoreStatusCode statusCode;
auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
};
// Attempting to export a non-existent key should fail.
-
statusCode = IKeystore::KeystoreStatusCode::SUCCESS;
keystore->getPublicKey(nullptr, callback);
EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
+}
+TEST_F(WifiKeystoreHalTest, GetPublicKey_empty_key_name) {
+ IKeystore::KeystoreStatusCode statusCode;
+
+ auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
+ const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
+ statusCode = status;
+ return;
+ };
+
+ // Attempting to export a non-existent key should fail.
statusCode = IKeystore::KeystoreStatusCode::SUCCESS;
keystore->getPublicKey("", callback);
EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
+}
+
+TEST_F(WifiKeystoreHalTest, GetPublicKey_wrong_key_name) {
+ IKeystore::KeystoreStatusCode statusCode;
+
+ auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
+ const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
+ statusCode = status;
+ return;
+ };
+ // Attempting to export a non-existent key should fail.
statusCode = IKeystore::KeystoreStatusCode::SUCCESS;
keystore->getPublicKey(kTestKeyName, callback);
EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
+}
+
+TEST_F(WifiKeystoreHalTest, GetPublicKey_wrong_user) {
+ IKeystore::KeystoreStatusCode statusCode;
+
+ auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
+ const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
+ statusCode = status;
+ return;
+ };
- // The HAL is expecting the key to belong to the process' user.
- // If the key belongs to another user's space (e.g. wifi) it should
+ // The HAL is expecting the key to belong to the wifi user.
+ // If the key belongs to another user's space (e.g. root) it should
// not be accessible and should fail.
- bool result = generateKey(kTestKeyName, KeyPurpose::SIGNING, AID_WIFI);
+ bool result = generateKey(kTestKeyName, KeyPurpose::SIGNING, UID_SELF);
EXPECT_EQ(result, true);
keystore->getPublicKey(kTestKeyName, callback);
EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
- result = deleteKey(kTestKeyName, AID_WIFI);
+ result = deleteKey(kTestKeyName, UID_SELF);
EXPECT_EQ(result, true);
+}
+
+TEST_F(WifiKeystoreHalTest, GetPublicKey_wrong_key_type) {
+ IKeystore::KeystoreStatusCode statusCode;
- // Accessing the key belonging to the process' uid should succeed.
+ auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
+ const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
+ statusCode = status;
+ return;
+ };
- result = generateKey(kTestKeyName, KeyPurpose::SIGNING, UID_SELF);
+ // A TYPE_GENERIC key (instead of a TYPE_KEYMASTER_10 key)
+ // should also fail.
+
+ bool result = insert(kTestKeyName, AID_WIFI);
EXPECT_EQ(result, true);
keystore->getPublicKey(kTestKeyName, callback);
- EXPECT_EQ(IKeystore::KeystoreStatusCode::SUCCESS, statusCode);
+ EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
- result = deleteKey(kTestKeyName, UID_SELF);
+ result = deleteKey(kTestKeyName, AID_WIFI);
EXPECT_EQ(result, true);
+}
- // A TYPE_GENERIC key (instead of a TYPE_KEYMASTER_10 key)
- // should also fail.
+TEST_F(WifiKeystoreHalTest, GetPublicKey_success) {
+ IKeystore::KeystoreStatusCode statusCode;
- result = insert(kTestKeyName, UID_SELF);
+ auto callback = [&statusCode](IKeystore::KeystoreStatusCode status,
+ const ::android::hardware::hidl_vec<uint8_t>& /*value*/) {
+ statusCode = status;
+ return;
+ };
+
+ // Accessing the key belonging to the wifi uid should succeed.
+
+ bool result = generateKey(kTestKeyName, KeyPurpose::SIGNING, AID_WIFI);
EXPECT_EQ(result, true);
keystore->getPublicKey(kTestKeyName, callback);
- EXPECT_EQ(IKeystore::KeystoreStatusCode::ERROR_UNKNOWN, statusCode);
+ EXPECT_EQ(IKeystore::KeystoreStatusCode::SUCCESS, statusCode);
- result = deleteKey(kTestKeyName, UID_SELF);
+ result = deleteKey(kTestKeyName, AID_WIFI);
EXPECT_EQ(result, true);
}