diff options
| author | Shawn Willden <swillden@google.com> | 2015-05-13 12:07:50 -0600 |
|---|---|---|
| committer | Shawn Willden <swillden@google.com> | 2015-05-18 09:07:48 -0600 |
| commit | 67380a948d80ce62455b1ec9ed8283e3349498c6 (patch) | |
| tree | cad1b02f443416975477ae9065ea41b0738b6432 | |
| parent | bcd6b99ad5eb0e010f611facb55358e52cbde071 (diff) | |
| download | android_system_keymaster-67380a948d80ce62455b1ec9ed8283e3349498c6.tar.gz android_system_keymaster-67380a948d80ce62455b1ec9ed8283e3349498c6.tar.bz2 android_system_keymaster-67380a948d80ce62455b1ec9ed8283e3349498c6.zip | |
Build development unit tests against BoringSSL.
Change-Id: Ie3ab9e09913ed304d5326dca3bfa398f26dc9bf7
| -rw-r--r-- | Makefile | 38 | ||||
| -rw-r--r-- | gtest_main.cpp | 4 | ||||
| -rw-r--r-- | rsa_operation.cpp | 2 | ||||
| -rw-r--r-- | valgrind.supp | 25 |
4 files changed, 63 insertions, 6 deletions
@@ -1,12 +1,38 @@ +##### +# Local unit test Makefile +# +# This makefile builds and runs the keymaster unit tests locally on the development +# machine, not on an Android device. Android.mk builds the same tests into the +# "keymaster_tests" binary for execution on-device, but this Makefile runs them locally, +# for a very fast edit/build/test development cycle. +# +# To build and run these tests, one pre-requisite must be manually installed: BoringSSL. +# This Makefile expects to find BoringSSL in a directory adjacent to $ANDROID_BUILD_TOP. +# To get and build it, first install the Ninja build tool (e.g. apt-get install +# ninja-build), then do: +# +# cd $ANDROID_BUILD_TOP/.. +# git clone https://boringssl.googlesource.com/boringssl +# cd boringssl +# mdkir build +# cd build +# cmake -GNinja .. +# ninja +# +# Then return to $ANDROID_BUILD_TOP/system/keymaster and run "make". +##### + BASE=../.. SUBS=system/core \ hardware/libhardware \ - external/gtest + external/gtest \ + system/security/softkeymaster \ + system/security/keystore GTEST=$(BASE)/external/gtest INCLUDES=$(foreach dir,$(SUBS),-I $(BASE)/$(dir)/include) \ -I $(BASE)/libnativehelper/include/nativehelper \ - -I $(GTEST) -Iinclude + -I $(GTEST) -Iinclude -I$(BASE)/../boringssl/include ifdef USE_CLANG CC=/usr/bin/clang @@ -17,7 +43,7 @@ else COMPILER_SPECIFIC_ARGS=-std=c++0x -fprofile-arcs endif -CPPFLAGS=$(INCLUDES) -g -O0 -MD +CPPFLAGS=$(INCLUDES) -g -O0 -MD -MP CXXFLAGS=-Wall -Werror -Wno-unused -Winit-self -Wpointer-arith -Wunused-parameter \ -Werror=sign-compare -Wmissing-declarations -ftest-coverage -fno-permissive \ -Wno-deprecated-declarations -fno-exceptions -DKEYMASTER_NAME_TAGS \ @@ -26,7 +52,7 @@ CXXFLAGS=-Wall -Werror -Wno-unused -Winit-self -Wpointer-arith -Wunused-paramete # Uncomment to enable debug logging. # CXXFLAGS += -DDEBUG -LDLIBS=-lcrypto -lpthread -lstdc++ -lgcov +LDLIBS=-L$(BASE)/../boringssl/build/crypto -lcrypto -lpthread -lstdc++ -lgcov CPPSRCS=\ abstract_factory_registry_test.cpp \ @@ -109,7 +135,9 @@ MEMCHECK_OPTS=--leak-check=full \ --show-reachable=yes \ --vgdb=full \ $(UNINIT_OPTS) \ - --error-exitcode=1 + --error-exitcode=1 \ + --suppressions=valgrind.supp \ + --gen-suppressions=all MASSIF_OPTS=--tool=massif \ --stacks=yes diff --git a/gtest_main.cpp b/gtest_main.cpp index c991d4e..6072749 100644 --- a/gtest_main.cpp +++ b/gtest_main.cpp @@ -19,12 +19,16 @@ #include <openssl/engine.h> int main(int argc, char** argv) { +#if !defined(OPENSSL_IS_BORINGSSL) ERR_load_crypto_strings(); +#endif // not OPENSSL_IS_BORINGSSL ::testing::InitGoogleTest(&argc, argv); int result = RUN_ALL_TESTS(); +#if !defined(OPENSSL_IS_BORINGSSL) // Clean up stuff OpenSSL leaves around, so Valgrind doesn't complain. CRYPTO_cleanup_all_ex_data(); ERR_remove_thread_state(NULL); ERR_free_strings(); +#endif // not OPENSSL_IS_BORINGSSL return result; } diff --git a/rsa_operation.cpp b/rsa_operation.cpp index d098184..a4a2b6d 100644 --- a/rsa_operation.cpp +++ b/rsa_operation.cpp @@ -528,7 +528,7 @@ keymaster_error_t RsaEncryptOperation::Finish(const AuthorizationSet& /* additio LOG_E("Error %d encrypting data with RSA", ERR_get_error()); return KM_ERROR_UNKNOWN_ERROR; } - assert(bytes_encrypted == RSA_size(rsa_key_)); + assert(bytes_encrypted == (int)RSA_size(rsa_key_)); output->advance_write(bytes_encrypted); return KM_ERROR_OK; diff --git a/valgrind.supp b/valgrind.supp new file mode 100644 index 0000000..2ca244c --- /dev/null +++ b/valgrind.supp @@ -0,0 +1,25 @@ +{ + RSASignFailureErrorLeak1 + Memcheck:Leak + fun:malloc + fun:CRYPTO_set_thread_local + fun:err_get_state + fun:ERR_put_error + fun:RSA_padding_add_none + fun:sign_raw + fun:RSA_sign_raw + fun:RSA_private_encrypt + ... +} +{ + RSASignFailureErrorLeak1 + Memcheck:Leak + fun:malloc + fun:err_get_state + fun:ERR_put_error + fun:RSA_padding_add_none + fun:sign_raw + fun:RSA_sign_raw + fun:RSA_private_encrypt + ... +}
\ No newline at end of file |