From 9784d8c6ce7e9c72ebae942610dde8c81d84e44a Mon Sep 17 00:00:00 2001 From: Krzysztof Jackiewicz Date: Wed, 7 Jun 2023 13:47:29 +0200 Subject: [PATCH] CKM: Max chunk size test Change-Id: If9524ee246dde5e1992005c8f8950577b907607c --- src/ckm/unprivileged/encryption-decryption-env.cpp | 10 +++++++ src/ckm/unprivileged/encryption-decryption.cpp | 6 +++- src/ckm/unprivileged/main.cpp | 35 +++++++++++++++++++++- 3 files changed, 49 insertions(+), 2 deletions(-) diff --git a/src/ckm/unprivileged/encryption-decryption-env.cpp b/src/ckm/unprivileged/encryption-decryption-env.cpp index 16017d4..7f43bcb 100644 --- a/src/ckm/unprivileged/encryption-decryption-env.cpp +++ b/src/ckm/unprivileged/encryption-decryption-env.cpp @@ -20,6 +20,7 @@ */ #include +#include using namespace CKM; @@ -151,7 +152,16 @@ int CipherApi::crypt(ckmc_cipher_ctx_h ctx, size_t left, CKM::RawBuffer& output) { +#ifdef TZ_BACKEND + ckmc_backend_info_h info; + size_t maxSize; + // All unexportable keys go to TZ if enabled (and all of them are unexportable) + assert_positive(ckmc_get_backend_info, CKMC_BACKEND_TZ, &info); + assert_positive(ckmc_backend_get_max_chunk_size, info, &maxSize); + const size_t CHUNK_SIZE = 80 < maxSize ? 80 : maxSize; +#else const size_t CHUNK_SIZE = 80; +#endif ckmc_raw_buffer_s* out = nullptr; ckmc_raw_buffer_s* in = nullptr; size_t size = CHUNK_SIZE; diff --git a/src/ckm/unprivileged/encryption-decryption.cpp b/src/ckm/unprivileged/encryption-decryption.cpp index cf9e67a..d8b98b3 100644 --- a/src/ckm/unprivileged/encryption-decryption.cpp +++ b/src/ckm/unprivileged/encryption-decryption.cpp @@ -213,7 +213,11 @@ public: PLAIN_DATA = create_raw_buffer(createRandomBufferCAPI(BUF_LEN)); #ifdef TZ_BACKEND - BIG_DATA = create_raw_buffer(createRandomBufferCAPI(1000)); + ckmc_backend_info_h info; + size_t size; + assert_positive(ckmc_get_backend_info, CKMC_BACKEND_TZ, &info); + assert_positive(ckmc_backend_get_max_chunk_size, info, &size); + BIG_DATA = create_raw_buffer(createRandomBufferCAPI(size)); #else BIG_DATA = create_raw_buffer(createRandomBufferCAPI(500000)); #endif diff --git a/src/ckm/unprivileged/main.cpp b/src/ckm/unprivileged/main.cpp index f55aeb2..8f02903 100644 --- a/src/ckm/unprivileged/main.cpp +++ b/src/ckm/unprivileged/main.cpp @@ -280,7 +280,13 @@ RUNNER_TEST(T1014_save_with_label) RUNNER_TEST(T1020_save_big_data) { #ifdef TZ_BACKEND - const size_t BIG_SIZE = 100000; + ckmc_backend_info_h info; + size_t size; + // all data goes to TZ when enabled + assert_positive(ckmc_get_backend_info, CKMC_BACKEND_TZ, &info); + assert_positive(ckmc_backend_get_max_chunk_size, info, &size); + const size_t BIG_SIZE = size; + CKM::PolicyBackend backend = CKM::PolicyBackend::FORCE_HARDWARE; #else const size_t BIG_SIZE = 5000000; @@ -578,6 +584,33 @@ RUNNER_TEST(T1026_app_user_save_data_get_alias_pwd) remove_user_data(USER_APP); } +RUNNER_TEST(T1027_backend_info) +{ + //int ckmc_get_backend_info(ckmc_backend_id_e backend, ckmc_backend_info_h* ppinfo) + ckmc_backend_info_h info; + size_t size; + assert_invalid_param(ckmc_get_backend_info, static_cast(-1), &info); + assert_invalid_param(ckmc_get_backend_info, static_cast(2), &info); + assert_invalid_param(ckmc_get_backend_info, CKMC_BACKEND_SW, nullptr); + +#ifdef TZ_BACKEND + assert_positive(ckmc_get_backend_info, CKMC_BACKEND_TZ, &info); + RUNNER_ASSERT_MSG(info != nullptr, "Backend info is null"); + + assert_positive(ckmc_backend_get_max_chunk_size, info, &size); + RUNNER_ASSERT_MSG(size != 0, "Unexpected max chunk size"); +#else + assert_invalid_param(ckmc_get_backend_info, CKMC_BACKEND_TZ, &info); +#endif + + assert_positive(ckmc_get_backend_info, CKMC_BACKEND_SW, &info); + RUNNER_ASSERT_MSG(info != nullptr, "Backend info is null"); + + assert_positive(ckmc_backend_get_max_chunk_size, info, &size); + RUNNER_ASSERT_MSG(size == 0, "Unexpected max chunk size"); +} + + RUNNER_TEST(T1029_deinit) { remove_user_data(USER_APP); -- 2.7.4