Google Git
Sign in
android / platform / test / vts-testcase / kernel / refs/heads/main / . / encryption / vts_kernel_encryption.h
blob: bf45719eb33c674bdd4d0e5532d94243659e3440 [file] [log] [blame]
/*
* Copyright (C) 2020 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#pragma once
#include <gtest/gtest.h>
#include <stdint.h>
#include <string>
#include <vector>
namespace android {
namespace kernel {
class Cipher {
public:
virtual ~Cipher() {}
bool Encrypt(const std::vector<uint8_t> &key, const uint8_t *iv,
const uint8_t *src, uint8_t *dst, int nbytes) const {
if (key.size() != keysize()) {
ADD_FAILURE() << "Bad key size";
return false;
}
return DoCrypt(key.data(), iv, src, dst, nbytes, true);
}
bool Decrypt(const std::vector<uint8_t> &key, const uint8_t *iv,
const uint8_t *src, uint8_t *dst, int nbytes) const {
if (key.size() != keysize()) {
ADD_FAILURE() << "Bad key size";
return false;
}
return DoCrypt(key.data(), iv, src, dst, nbytes, false);
}
virtual int keysize() const = 0;
virtual int ivsize() const = 0;
protected:
virtual bool DoCrypt(const uint8_t *key, const uint8_t *iv,
const uint8_t *src, uint8_t *dst, int nbytes,
bool encrypt) const = 0;
};
// aes_256_xts.cpp
constexpr int kAesBlockSize = 16;
constexpr int kAes256KeySize = 32;
constexpr int kAes256XtsKeySize = 2 * kAes256KeySize;
class Aes256XtsCipher : public Cipher {
public:
int keysize() const { return kAes256XtsKeySize; }
int ivsize() const { return kAesBlockSize; }
private:
bool DoCrypt(const uint8_t *key, const uint8_t *iv, const uint8_t *src,
uint8_t *dst, int nbytes, bool encrypt) const;
};
// adiantum.cpp
constexpr int kAdiantumKeySize = 32;
// It's variable-length in general, but the Linux kernel always uses 32.
constexpr int kAdiantumIVSize = 32;
class AdiantumCipher : public Cipher {
public:
int keysize() const { return kAdiantumKeySize; }
int ivsize() const { return kAdiantumIVSize; }
private:
bool DoCrypt(const uint8_t *key, const uint8_t *iv, const uint8_t *src,
uint8_t *dst, int nbytes, bool encrypt) const;
};
// utils.cpp
std::string Errno();
void DeleteRecursively(const std::string &path);
void RandomBytesForTesting(std::vector<uint8_t> &bytes);
std::vector<uint8_t> GenerateTestKey(size_t size);
std::string BytesToHex(const std::vector<uint8_t> &bytes);
template <size_t N>
static inline std::string BytesToHex(const uint8_t (&array)[N]) {
return BytesToHex(std::vector<uint8_t>(&array[0], &array[N]));
}
bool GetFirstApiLevel(int *first_api_level);
constexpr int kFilesystemUuidSize = 16;
struct FilesystemUuid {
uint8_t bytes[kFilesystemUuidSize];
};
struct FilesystemInfo {
std::string fs_blk_device;
std::string type;
FilesystemUuid uuid;
std::string raw_blk_device;
};
bool GetFilesystemInfo(const std::string &mountpoint, FilesystemInfo *info);
bool VerifyDataRandomness(const std::vector<uint8_t> &bytes);
bool CreateHwWrappedKey(std::vector<uint8_t> *master_key,
std::vector<uint8_t> *exported_key);
bool DeriveHwWrappedEncryptionKey(const std::vector<uint8_t> &master_key,
std::vector<uint8_t> *enc_key);
bool DeriveHwWrappedRawSecret(const std::vector<uint8_t> &master_key,
std::vector<uint8_t> *secret);
} // namespace kernel
} // namespace android