Merge "Check return from DeleteKey correctly." into oc-dev
diff --git a/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp b/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp
index 0c888dc..75ec2d5 100644
--- a/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp
+++ b/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp
@@ -374,7 +374,7 @@
public:
void TearDown() override {
if (key_blob_.size()) {
- EXPECT_EQ(ErrorCode::OK, DeleteKey());
+ CheckedDeleteKey();
}
AbortIfNeeded();
}
@@ -505,6 +505,13 @@
return error;
}
+ void CheckedDeleteKey(HidlBuf* key_blob, bool keep_key_blob = false) {
+ auto rc = DeleteKey(key_blob, keep_key_blob);
+ EXPECT_TRUE(rc == ErrorCode::OK || rc == ErrorCode::UNIMPLEMENTED);
+ }
+
+ void CheckedDeleteKey() { CheckedDeleteKey(&key_blob_); }
+
ErrorCode GetCharacteristics(const HidlBuf& key_blob, const HidlBuf& client_id,
const HidlBuf& app_data, KeyCharacteristics* key_characteristics) {
ErrorCode error;
@@ -718,7 +725,7 @@
KeyFormat::RAW, key));
string signature = MacMessage(message, digest, expected_mac.size() * 8);
EXPECT_EQ(expected_mac, signature) << "Test vector didn't match for digest " << (int)digest;
- DeleteKey();
+ CheckedDeleteKey();
}
void CheckAesCtrTestVector(const string& key, const string& nonce, const string& message,
@@ -1063,7 +1070,7 @@
EXPECT_TRUE(crypto_params.Contains(TAG_KEY_SIZE, key_size));
EXPECT_TRUE(crypto_params.Contains(TAG_RSA_PUBLIC_EXPONENT, 3));
- EXPECT_EQ(ErrorCode::OK, DeleteKey(&key_blob));
+ CheckedDeleteKey(&key_blob);
}
}
@@ -1108,7 +1115,7 @@
EXPECT_TRUE(crypto_params.Contains(TAG_ALGORITHM, Algorithm::EC));
EXPECT_TRUE(crypto_params.Contains(TAG_KEY_SIZE, key_size));
- EXPECT_EQ(ErrorCode::OK, DeleteKey(&key_blob));
+ CheckedDeleteKey(&key_blob);
}
}
@@ -1157,7 +1164,7 @@
EXPECT_EQ(ErrorCode::OK,
GenerateKey(AuthorizationSetBuilder().EcdsaSigningKey(size).Digest(Digest::NONE)))
<< "Failed to generate size: " << size;
- DeleteKey();
+ CheckedDeleteKey();
}
}
@@ -1173,7 +1180,7 @@
ErrorCode::OK,
GenerateKey(AuthorizationSetBuilder().EcdsaSigningKey(curve).Digest(Digest::SHA_2_512)))
<< "Failed to generate key on curve: " << curve;
- DeleteKey();
+ CheckedDeleteKey();
}
}
@@ -1223,7 +1230,7 @@
EXPECT_TRUE(softwareEnforced.Contains(TAG_KEY_SIZE, key_size));
}
- EXPECT_EQ(ErrorCode::OK, DeleteKey(&key_blob));
+ CheckedDeleteKey(&key_blob);
}
}
@@ -1251,7 +1258,7 @@
.HmacKey(key_size)
.Digest(Digest::SHA_2_256)
.Authorization(TAG_MIN_MAC_LENGTH, 256)));
- DeleteKey();
+ CheckedDeleteKey();
}
}
}
@@ -1283,7 +1290,7 @@
.HmacKey(128)
.Digest(Digest::SHA_2_256)
.Authorization(TAG_MIN_MAC_LENGTH, min_mac_length)));
- DeleteKey();
+ CheckedDeleteKey();
}
}
}
@@ -1673,7 +1680,7 @@
string message(1024, 'a');
if (digest == Digest::NONE) message.resize(key_size / 8);
SignMessage(message, AuthorizationSetBuilder().Digest(digest));
- DeleteKey();
+ CheckedDeleteKey();
}
}
}
@@ -1694,7 +1701,7 @@
string message(1024, 'a');
SignMessage(message, AuthorizationSetBuilder().Digest(Digest::SHA_2_256));
- DeleteKey();
+ CheckedDeleteKey();
}
}
@@ -1755,7 +1762,7 @@
string signature = MacMessage(message, digest, 160);
EXPECT_EQ(160U / 8U, signature.size())
<< "Failed to sign with HMAC key with digest " << digest;
- DeleteKey();
+ CheckedDeleteKey();
}
}
@@ -2142,7 +2149,8 @@
<< curve << ' ' << digest;
}
- ASSERT_EQ(ErrorCode::OK, DeleteKey());
+ auto rc = DeleteKey();
+ ASSERT_TRUE(rc == ErrorCode::OK || rc == ErrorCode::UNIMPLEMENTED);
}
}
@@ -2188,8 +2196,8 @@
VerifyMessage(verification_key, message, signature,
AuthorizationSetBuilder().Digest(Digest::SHA1));
- EXPECT_EQ(ErrorCode::OK, DeleteKey(&signing_key));
- EXPECT_EQ(ErrorCode::OK, DeleteKey(&verification_key));
+ CheckedDeleteKey(&signing_key);
+ CheckedDeleteKey(&verification_key);
}
typedef KeymasterHidlTest ExportKeyTest;
@@ -3437,14 +3445,14 @@
string key = make_string(key_bytes);
ASSERT_EQ(ErrorCode::OK, ImportKey(import_params, KeyFormat::RAW, key));
string plaintext = DecryptMessage(ciphertext, params);
- EXPECT_EQ(ErrorCode::OK, DeleteKey());
+ CheckedDeleteKey();
// Corrupt key and attempt to decrypt
key[0] = 0;
ASSERT_EQ(ErrorCode::OK, ImportKey(import_params, KeyFormat::RAW, key));
EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::DECRYPT, params));
EXPECT_EQ(ErrorCode::VERIFICATION_FAILED, Finish(ciphertext, &plaintext));
- EXPECT_EQ(ErrorCode::OK, DeleteKey());
+ CheckedDeleteKey();
}
/*