1 // Copyright 2020, The Android Open Source Project
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14
15 //! Utility functions tests.
16
17 use super::*;
18 use anyhow::Result;
19
20 #[test]
check_device_attestation_permissions_test() -> Result<()>21 fn check_device_attestation_permissions_test() -> Result<()> {
22 check_device_attestation_permissions().or_else(|error| {
23 match error.root_cause().downcast_ref::<Error>() {
24 // Expected: the context for this test might not be allowed to attest device IDs.
25 Some(Error::Km(ErrorCode::CANNOT_ATTEST_IDS)) => Ok(()),
26 // Other errors are unexpected
27 _ => Err(error),
28 }
29 })
30 }
31
create_key_descriptors_from_aliases(key_aliases: &[&str]) -> Vec<KeyDescriptor>32 fn create_key_descriptors_from_aliases(key_aliases: &[&str]) -> Vec<KeyDescriptor> {
33 key_aliases
34 .iter()
35 .map(|key_alias| KeyDescriptor {
36 domain: Domain::APP,
37 nspace: 0,
38 alias: Some(key_alias.to_string()),
39 blob: None,
40 })
41 .collect::<Vec<KeyDescriptor>>()
42 }
43
aliases_from_key_descriptors(key_descriptors: &[KeyDescriptor]) -> Vec<String>44 fn aliases_from_key_descriptors(key_descriptors: &[KeyDescriptor]) -> Vec<String> {
45 key_descriptors
46 .iter()
47 .map(|kd| if let Some(alias) = &kd.alias { String::from(alias) } else { String::from("") })
48 .collect::<Vec<String>>()
49 }
50
51 #[test]
test_safe_amount_to_return() -> Result<()>52 fn test_safe_amount_to_return() -> Result<()> {
53 let key_aliases = vec!["key1", "key2", "key3"];
54 let key_descriptors = create_key_descriptors_from_aliases(&key_aliases);
55
56 assert_eq!(estimate_safe_amount_to_return(Domain::APP, 1017, None, &key_descriptors, 20), 1);
57 assert_eq!(estimate_safe_amount_to_return(Domain::APP, 1017, None, &key_descriptors, 50), 2);
58 assert_eq!(estimate_safe_amount_to_return(Domain::APP, 1017, None, &key_descriptors, 100), 3);
59 Ok(())
60 }
61
62 #[test]
test_merge_and_sort_lists_without_filtering() -> Result<()>63 fn test_merge_and_sort_lists_without_filtering() -> Result<()> {
64 let legacy_key_aliases = vec!["key_c", "key_a", "key_b"];
65 let legacy_key_descriptors = create_key_descriptors_from_aliases(&legacy_key_aliases);
66 let db_key_aliases = vec!["key_a", "key_d"];
67 let db_key_descriptors = create_key_descriptors_from_aliases(&db_key_aliases);
68 let result =
69 merge_and_filter_key_entry_lists(&legacy_key_descriptors, &db_key_descriptors, None);
70 assert_eq!(aliases_from_key_descriptors(&result), vec!["key_a", "key_b", "key_c", "key_d"]);
71 Ok(())
72 }
73
74 #[test]
test_merge_and_sort_lists_with_filtering() -> Result<()>75 fn test_merge_and_sort_lists_with_filtering() -> Result<()> {
76 let legacy_key_aliases = vec!["key_f", "key_a", "key_e", "key_b"];
77 let legacy_key_descriptors = create_key_descriptors_from_aliases(&legacy_key_aliases);
78 let db_key_aliases = vec!["key_c", "key_g"];
79 let db_key_descriptors = create_key_descriptors_from_aliases(&db_key_aliases);
80 let result = merge_and_filter_key_entry_lists(
81 &legacy_key_descriptors,
82 &db_key_descriptors,
83 Some("key_b"),
84 );
85 assert_eq!(aliases_from_key_descriptors(&result), vec!["key_c", "key_e", "key_f", "key_g"]);
86 Ok(())
87 }
88
89 #[test]
test_merge_and_sort_lists_with_filtering_and_dups() -> Result<()>90 fn test_merge_and_sort_lists_with_filtering_and_dups() -> Result<()> {
91 let legacy_key_aliases = vec!["key_f", "key_a", "key_e", "key_b"];
92 let legacy_key_descriptors = create_key_descriptors_from_aliases(&legacy_key_aliases);
93 let db_key_aliases = vec!["key_d", "key_e", "key_g"];
94 let db_key_descriptors = create_key_descriptors_from_aliases(&db_key_aliases);
95 let result = merge_and_filter_key_entry_lists(
96 &legacy_key_descriptors,
97 &db_key_descriptors,
98 Some("key_c"),
99 );
100 assert_eq!(aliases_from_key_descriptors(&result), vec!["key_d", "key_e", "key_f", "key_g"]);
101 Ok(())
102 }
103
104 #[test]
test_list_key_parameters_with_filter_on_security_sensitive_info() -> Result<()>105 fn test_list_key_parameters_with_filter_on_security_sensitive_info() -> Result<()> {
106 let params = vec![
107 KmKeyParameter { tag: Tag::APPLICATION_ID, value: KeyParameterValue::Integer(0) },
108 KmKeyParameter { tag: Tag::APPLICATION_DATA, value: KeyParameterValue::Integer(0) },
109 KmKeyParameter {
110 tag: Tag::CERTIFICATE_NOT_AFTER,
111 value: KeyParameterValue::DateTime(UNDEFINED_NOT_AFTER),
112 },
113 KmKeyParameter { tag: Tag::CERTIFICATE_NOT_BEFORE, value: KeyParameterValue::DateTime(0) },
114 ];
115 let wanted = vec![
116 KmKeyParameter {
117 tag: Tag::CERTIFICATE_NOT_AFTER,
118 value: KeyParameterValue::DateTime(UNDEFINED_NOT_AFTER),
119 },
120 KmKeyParameter { tag: Tag::CERTIFICATE_NOT_BEFORE, value: KeyParameterValue::DateTime(0) },
121 ];
122
123 assert_eq!(log_security_safe_params(¶ms), wanted);
124 Ok(())
125 }
126