diff options
author | Firas Sammoura <fsammoura@google.com> | 2022-08-29 18:24:15 +0000 |
---|---|---|
committer | Chromeos LUCI <chromeos-scoped@luci-project-accounts.iam.gserviceaccount.com> | 2022-08-30 15:24:32 +0000 |
commit | 49b6b7f2c9b0327bb028e2529ce6b5f8b76e29eb (patch) | |
tree | 69c4c65e19a354bea3b43fb57078433b293ccf16 /test | |
parent | 56d8b360f98a08f947af6ff9c4f635fa70dbf48a (diff) | |
download | chrome-ec-49b6b7f2c9b0327bb028e2529ce6b5f8b76e29eb.tar.gz |
test: Add test for get ikm failure with when secret fail
Add a test for get_ikm when the tmp seed is set and the
rollback_get_secret is failing.
BRANCH=None
BUG=b:242720240
TEST=make run-fpsensor_crypto
TEST=make runhosttests
Signed-off-by: Firas Sammoura <fsammoura@google.com>
Change-Id: Ida1f40943eb5fa7795a658a1c8a318036f164d11
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3861202
Reviewed-by: Bobby Casey <bobbycasey@google.com>
Diffstat (limited to 'test')
-rw-r--r-- | test/fpsensor_crypto.c | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/test/fpsensor_crypto.c b/test/fpsensor_crypto.c index 1db58ed61c..596a367e1e 100644 --- a/test/fpsensor_crypto.c +++ b/test/fpsensor_crypto.c @@ -110,6 +110,28 @@ test_static int test_get_ikm_failure_seed_not_set(void) return EC_SUCCESS; } +test_static int test_get_ikm_failure_cannot_get_rollback_secret(void) +{ + uint8_t ikm[CONFIG_ROLLBACK_SECRET_SIZE + FP_CONTEXT_TPM_BYTES]; + + /* Given that the tmp seed has been set. */ + TEST_ASSERT(fp_tpm_seed_is_set()); + + /* GIVEN that reading the rollback secret will fail. */ + mock_ctrl_rollback.get_secret_fail = true; + + /* THEN get_ikm should fail. */ + TEST_ASSERT(get_ikm(ikm) == EC_ERROR_HW_INTERNAL); + + /* + * Enable get_rollback_secret to succeed before returning from this + * test function. + */ + mock_ctrl_rollback.get_secret_fail = false; + + return EC_SUCCESS; +} + static int test_hkdf_expand_raw(const uint8_t *prk, size_t prk_size, const uint8_t *info, size_t info_size, const uint8_t *expected_okm, size_t okm_size) @@ -709,6 +731,7 @@ void run_test(int argc, char **argv) EC_SUCCESS); /* The following test requires TPM seed to be already set. */ + RUN_TEST(test_get_ikm_failure_cannot_get_rollback_secret); RUN_TEST(test_derive_encryption_key); RUN_TEST(test_derive_encryption_key_failure_rollback_fail); RUN_TEST(test_derive_new_pos_match_secret); |