diff options
author | Tom Hughes <tomhughes@chromium.org> | 2022-09-21 14:10:01 -0700 |
---|---|---|
committer | Tom Hughes <tomhughes@chromium.org> | 2022-09-22 12:49:33 -0700 |
commit | 2bcf863b492fe7ed8105c853814dba6ed32ba719 (patch) | |
tree | fcf6ce5810f9ff9e3c8cce434812dd75492269ed /test/fpsensor_state.c | |
parent | e5fb0b9ba488614b5684e640530f00821ab7b943 (diff) | |
parent | 28712dae9d7ed1e694f7622cc083afa71090d4d5 (diff) | |
download | chrome-ec-2bcf863b492fe7ed8105c853814dba6ed32ba719.tar.gz |
Merge remote-tracking branch cros/main into firmware-fpmcu-bloonchipper-releasefirmware-fpmcu-bloonchipper-release
Generated by: ./util/update_release_branch.py --board bloonchipper
--relevant_paths_file ./util/fingerprint-relevant-paths.txt firmware-
fpmcu-bloonchipper-release
Relevant changes:
git log --oneline e5fb0b9ba4..28712dae9d -- board/hatch_fp
board/bloonchipper common/fpsensor docs/fingerprint driver/fingerprint
util/getversion.sh
ded9307b79 util/getversion.sh: Fix version when not in a git repo
956055e692 board: change Google USB vendor info
71b2ef709d Update license boilerplate text in source code files
33e11afda0 Revert "fpsensor: Build fpsensor source file with C++"
c8d0360723 fpsensor: Build fpsensor source file with C++
bc113abd53 fpsensor: Fix g++ compiler error
150a58a0dc fpsensor: Fix fp_set_sensor_mode return type
b33b5ce85b fpsensor: Remove nested designators for C++ compatibility
2e864b2539 tree-wide: const-ify argv for console commands
56d8b360f9 test: Add test for get ikm failure when seed not set
3a3d6c3690 test: Add test for fpsensor trivial key failure
233e6bbd08 fpsensor_crypto: Abstract calls to hmac_SHA256
0a041b285b docs/fingerprint: Typo correction
c03fab67e2 docs/fingerprint: Fix the path of fputils.py
0b5d4baf5a util/getversion.sh: Fix empty file list handling
6e128fe760 FPMCU dev board environment with Satlab
3eb29b6aa5 builtin: Move ssize_t to sys/types.h
345d62ebd1 docs/fingerprint: Update power numbers for latest dartmonkey release
c25ffdb316 common: Conditionally support printf %l and %i modifiers
9a3c514b45 test: Add a test to check if the debugger is connected
54e603413f Move standard library tests to their own file
43fa6b4bf8 docs/fingerprint: Update power numbers for latest bloonchipper release
25536f9a84 driver/fingerprint/fpc/bep/fpc_sensor_spi.c: Format with clang-format
4face99efd driver/fingerprint/fpc/libfp/fpc_sensor_pal.h: Format with clang-format
738de2b575 trng: Rename rand to trng_rand
14b8270edd docs/fingerprint: Update dragonclaw power numbers
0b268f93d1 driver/fingerprint/fpc/libfp/fpc_private.c: Format with clang-format
f80da163f2 driver/fingerprint/fpc/libfp/fpc_private.h: Format with clang-format
5e9c85c9b1 driver/fingerprint/fpc/libfp/fpc_sensor_pal.c: Format with clang-format
c1f9dd3cf8 driver/fingerprint/fpc/libfp/fpc_bio_algorithm.h: Format with clang-format
eb1e1bed8d driver/fingerprint/fpc/libfp/fpc1145_private.h: Format with clang-format
6e7b611821 driver/fingerprint/fpc/bep/fpc_bio_algorithm.h: Format with clang-format
e0589cd5e2 driver/fingerprint/fpc/bep/fpc1035_private.h: Format with clang-format
7905e556a0 common/fpsensor/fpsensor_crypto.c: Format with clang-format
21289d170c driver/fingerprint/fpc/bep/fpc1025_private.h: Format with clang-format
98a20f937e common/fpsensor/fpsensor_state.c: Format with clang-format
a2d255d8af common/fpsensor/fpsensor.c: Format with clang-format
73055eeb3f driver/fingerprint/fpc/bep/fpc_private.c: Format with clang-format
0f7b5cb509 common/fpsensor/fpsensor_private.h: Format with clang-format
1ceade6e65 driver/fingerprint/fpc/bep/fpc_private.h: Format with clang-format
dc3e9008b8 board/hatch_fp/board.h: Format with clang-format
dca9d74321 Revert "trng: Rename rand to trng_rand"
a6b0b3554f trng: Rename rand to trng_rand
28d0b75b70 third_party/boringssl: Remove unused header
BRANCH=None
BUG=b:246424843 b:234181908 b:244781166 b:234181908 b:244387210
BUG=b:242720240 chromium:1098010 b:180945056 b:236025198 b:234181908
BUG=b:234181908 b:237344361 b:131913998 b:236386294 b:234143158
BUG=b:234781655 b:215613183 b:242720910
TEST=`make -j buildall`
TEST=./test/run_device_tests.py --board bloonchipper
Test "aes": PASSED
Test "cec": PASSED
Test "cortexm_fpu": PASSED
Test "crc": PASSED
Test "flash_physical": PASSED
Test "flash_write_protect": PASSED
Test "fpsensor_hw": PASSED
Test "fpsensor_spi_ro": PASSED
Test "fpsensor_spi_rw": PASSED
Test "fpsensor_uart_ro": PASSED
Test "fpsensor_uart_rw": PASSED
Test "mpu_ro": PASSED
Test "mpu_rw": PASSED
Test "mutex": PASSED
Test "pingpong": PASSED
Test "printf": PASSED
Test "queue": PASSED
Test "rollback_region0": PASSED
Test "rollback_region1": PASSED
Test "rollback_entropy": PASSED
Test "rtc": PASSED
Test "sha256": PASSED
Test "sha256_unrolled": PASSED
Test "static_if": PASSED
Test "stdlib": PASSED
Test "system_is_locked_wp_on": PASSED
Test "system_is_locked_wp_off": PASSED
Test "timer_dos": PASSED
Test "utils": PASSED
Test "utils_str": PASSED
Test "stm32f_rtc": PASSED
Test "panic_data_bloonchipper_v2.0.4277": PASSED
Test "panic_data_bloonchipper_v2.0.5938": PASSED
Force-Relevant-Builds: all
Signed-off-by: Tom Hughes <tomhughes@chromium.org>
Change-Id: I264ad0ffe7afcd507a1e483c6e934a9c4fea47c3
Diffstat (limited to 'test/fpsensor_state.c')
-rw-r--r-- | test/fpsensor_state.c | 202 |
1 files changed, 200 insertions, 2 deletions
diff --git a/test/fpsensor_state.c b/test/fpsensor_state.c index 3822fe49ab..0b61e1c2d4 100644 --- a/test/fpsensor_state.c +++ b/test/fpsensor_state.c @@ -1,4 +1,4 @@ -/* Copyright 2020 The Chromium OS Authors. All rights reserved. +/* Copyright 2020 The ChromiumOS Authors * Use of this source code is governed by a BSD-style license that can be * found in the LICENSE file. */ @@ -186,7 +186,198 @@ test_static int test_fp_set_maintenance_mode(void) return EC_SUCCESS; } -void run_test(int argc, char **argv) +test_static int test_fp_command_read_match_secret_fail_fgr_less_than_zero(void) +{ + /* Create invalid param with fgr < 0 */ + struct ec_params_fp_read_match_secret test_match_secret = { + .fgr = -1, + }; + + TEST_ASSERT(test_send_host_command(EC_CMD_FP_READ_MATCH_SECRET, 0, + &test_match_secret, + sizeof(test_match_secret), NULL, + 0) == EC_RES_INVALID_PARAM); + + return EC_SUCCESS; +} + +test_static int test_fp_command_read_match_secret_fail_fgr_large_than_max(void) +{ + /* Create invalid param with fgr = FP_MAX_FINGER_COUNT */ + struct ec_params_fp_read_match_secret test_match_secret = { + .fgr = FP_MAX_FINGER_COUNT, + }; + + TEST_ASSERT(test_send_host_command(EC_CMD_FP_READ_MATCH_SECRET, 0, + &test_match_secret, + sizeof(test_match_secret), NULL, + 0) == EC_RES_INVALID_PARAM); + return EC_SUCCESS; +} + +test_static int test_fp_command_read_match_secret_fail_timeout(void) +{ + /* Create valid param with 0 <= fgr < 5 */ + struct ec_params_fp_read_match_secret test_match_secret_1 = { + .fgr = 1, + }; + + /* Disable positive secret match to create 0 deadline val */ + fp_disable_positive_match_secret(&positive_match_secret_state); + + TEST_ASSERT(positive_match_secret_state.deadline.val == 0); + + TEST_ASSERT(test_send_host_command(EC_CMD_FP_READ_MATCH_SECRET, 0, + &test_match_secret_1, + sizeof(test_match_secret_1), NULL, + 0) == EC_RES_TIMEOUT); + + return EC_SUCCESS; +} + +test_static int test_fp_command_read_match_secret_unmatched_fgr(void) +{ + /* Create valid param with 0 <= fgr < 5 */ + uint16_t matched_fgr = 1; + uint16_t unmatched_fgr = 2; + struct ec_params_fp_read_match_secret test_match_secret_1 = { + .fgr = matched_fgr, + }; + /* Create positive secret match state with valid deadline value, + * readable state, and wrong template matched + */ + struct positive_match_secret_state test_state = { + .deadline.val = 5000000, + .readable = true, + .template_matched = unmatched_fgr, + }; + + /* Test for the wrong matched finger state */ + positive_match_secret_state = test_state; + + TEST_ASSERT(test_send_host_command(EC_CMD_FP_READ_MATCH_SECRET, 0, + &test_match_secret_1, + sizeof(test_match_secret_1), NULL, + 0) == EC_RES_ACCESS_DENIED); + + return EC_SUCCESS; +} + +test_static int test_fp_command_read_match_secret_unreadable_state(void) +{ + /* Create valid param with 0 <= fgr < 5 */ + uint16_t matched_fgr = 1; + struct ec_params_fp_read_match_secret test_match_secret_1 = { + .fgr = matched_fgr, + }; + /* + * Create positive secret match state with valid deadline value , + * unreadable state, and correct matched template + */ + struct positive_match_secret_state test_state = { + .deadline.val = 5000000, + .readable = false, + .template_matched = matched_fgr, + }; + + /* Test for the unreadable state */ + positive_match_secret_state = test_state; + + TEST_ASSERT(test_send_host_command(EC_CMD_FP_READ_MATCH_SECRET, 0, + &test_match_secret_1, + sizeof(test_match_secret_1), NULL, + 0) == EC_RES_ACCESS_DENIED); + + return EC_SUCCESS; +} + +test_static int test_fp_command_read_match_secret_derive_fail(void) +{ + struct ec_response_fp_read_match_secret response = { 0 }; + /* Create valid param with 0 <= fgr < 5 */ + uint16_t matched_fgr = 1; + struct ec_params_fp_read_match_secret test_match_secret_1 = { + .fgr = matched_fgr, + }; + /* Create positive secret match state with valid deadline value, + * readable state, and correct template matched + */ + struct positive_match_secret_state test_state_1 = { + .deadline.val = 5000000, + .readable = true, + .template_matched = matched_fgr, + }; + positive_match_secret_state = test_state_1; + /* Set fp_positive_match_salt to the trivial value */ + memcpy(fp_positive_match_salt, trivial_fp_positive_match_salt, + sizeof(trivial_fp_positive_match_salt)); + + /* Test with the correct matched finger state and a trivial + * fp_positive_match_salt + */ + TEST_ASSERT(test_send_host_command( + EC_CMD_FP_READ_MATCH_SECRET, 0, + &test_match_secret_1, sizeof(test_match_secret_1), + &response, sizeof(response)) == EC_RES_ERROR); + return EC_SUCCESS; +} + +test_static int test_fp_command_read_match_secret_derive_succeed(void) +{ + struct ec_response_fp_read_match_secret response = { 0 }; + /* Create valid param with 0 <= fgr < 5 */ + uint16_t matched_fgr = 1; + struct ec_params_fp_read_match_secret test_match_secret_1 = { + .fgr = matched_fgr, + }; + + /* Expected positive_match_secret same as in test/fpsensor_crypto.c*/ + static const uint8_t + expected_positive_match_secret_for_empty_user_id[] = { + 0x8d, 0xc4, 0x5b, 0xdf, 0x55, 0x1e, 0xa8, 0x72, + 0xd6, 0xdd, 0xa1, 0x4c, 0xb8, 0xa1, 0x76, 0x2b, + 0xde, 0x38, 0xd5, 0x03, 0xce, 0xe4, 0x74, 0x51, + 0x63, 0x6c, 0x6a, 0x26, 0xa9, 0xb7, 0xfa, 0x68, + }; + /* Create positive secret match state with valid deadline value, + * readable state, and correct template matched + */ + struct positive_match_secret_state test_state_1 = { + .deadline.val = 5000000, + .readable = true, + .template_matched = matched_fgr, + }; + positive_match_secret_state = test_state_1; + /* Set fp_positive_match_salt to the trivial value */ + memcpy(fp_positive_match_salt, default_fake_fp_positive_match_salt, + sizeof(default_fake_fp_positive_match_salt)); + + TEST_ASSERT_ARRAY_EQ( + (uint8_t const *)fp_positive_match_salt, + (uint8_t const *)default_fake_fp_positive_match_salt, + sizeof(default_fake_fp_positive_match_salt)); + + /* Initialize an empty user_id to compare positive_match_secret */ + memset(user_id, 0, sizeof(user_id)); + + TEST_ASSERT(fp_tpm_seed_is_set()); + /* Test with the correct matched finger state and the default fake + * fp_positive_match_salt + */ + TEST_ASSERT(test_send_host_command( + EC_CMD_FP_READ_MATCH_SECRET, 0, + &test_match_secret_1, sizeof(test_match_secret_1), + &response, sizeof(response)) == EC_SUCCESS); + + TEST_ASSERT_ARRAY_EQ( + response.positive_match_secret, + expected_positive_match_secret_for_empty_user_id, + sizeof(expected_positive_match_secret_for_empty_user_id)); + + return EC_SUCCESS; +} + +void run_test(int argc, const char **argv) { RUN_TEST(test_fp_enc_status_valid_flags); RUN_TEST(test_fp_tpm_seed_not_set); @@ -194,5 +385,12 @@ void run_test(int argc, char **argv) RUN_TEST(test_set_fp_tpm_seed_again); RUN_TEST(test_fp_set_sensor_mode); RUN_TEST(test_fp_set_maintenance_mode); + RUN_TEST(test_fp_command_read_match_secret_fail_fgr_less_than_zero); + RUN_TEST(test_fp_command_read_match_secret_fail_fgr_large_than_max); + RUN_TEST(test_fp_command_read_match_secret_fail_timeout); + RUN_TEST(test_fp_command_read_match_secret_unmatched_fgr); + RUN_TEST(test_fp_command_read_match_secret_unreadable_state); + RUN_TEST(test_fp_command_read_match_secret_derive_fail); + RUN_TEST(test_fp_command_read_match_secret_derive_succeed); test_print_result(); } |