Merge remote-tracking branch 'goog/upstream-master' into bill-nos-merge

Bug: none
Test: pending

* goog/upstream-master:
  faceauth_tests: add crc related tests
  faceauth_tests.cc: enhance valid profile ID tests
  FaceAuth: fix misnomer s/user/profile/g
  faceauth: add faceauth tests
  Enforce well-formatted source and commit messages
  release-tests: remove stale TODO
  release-tests: re-enable filtered keymaster test

Change-Id: I03f882a69a60ea7254a8f32bcd1f7e5d9ee9d888

5 files changed, 254 insertions, 3 deletions

diff --git a/.checkpatch.conf b/.checkpatch.conf
new file mode 100644
index 0000000..2bc17ab
--- /dev/null
+++ b/.checkpatch.conf
@@ -0,0 +1,7 @@
+# Not Linux, so don't expect a Linux tree.
+--no-tree
+
+# Ignore aspects we don't follow here.
+--ignore SPLIT_STRING
+--ignore GIT_COMMIT_ID
+--ignore FILE_PATH_CHANGES
diff --git a/.clang-format b/.clang-format
new file mode 100644
index 0000000..d13eeba
--- /dev/null
+++ b/.clang-format
@@ -0,0 +1,2 @@
+BasedOnStyle: Google
+ColumnLimit: 80
diff --git a/BUILD b/BUILD
index 7aae4d5..caa28a8 100644
--- a/BUILD
+++ b/BUILD
@@ -9,6 +9,7 @@ cc_binary(
     name = "runtests",
     srcs = [
         "src/aes-cmac-tests.cc",
+        "src/faceauth_tests.cc",
         "src/gtest_with_gflags_main.cc",
         "src/keymaster-import-key-tests.cc",
         "src/keymaster-import-wrapped-key-tests.cc",
@@ -29,6 +30,7 @@ cc_binary(
         "@com_github_gflags_gflags//:gflags",
         "@gtest//:gtest",
         "@nugget_core_nugget//:config_chip",
+        "@nugget_core_nugget//:faceauth_common",
         "@nugget_host_generic_libnos//:libnos",
         "@nugget_host_generic_nugget_proto//:keymaster_client_proto",
         "@nugget_host_generic_nugget_proto//:nugget_app_keymaster_keymaster_cc_proto",
diff --git a/scripts/release-tests.sh b/scripts/release-tests.sh
index 155e9ac..9b7378f 100755
--- a/scripts/release-tests.sh
+++ b/scripts/release-tests.sh
@@ -25,12 +25,10 @@ function keymaster_cts_tests() {
 function keymaster_vts_tests() {
     m -j VtsHalKeymasterV4_0TargetTest || return 1
     adb sync data || return 1
-    # TODO(b/109771020): remove test filter below.
     adb shell \
         /data/nativetest64/VtsHalKeymasterV4_0TargetTest/VtsHalKeymasterV4_0TargetTest \
         --verbose \
-        --hal_service_instance=android.hardware.keymaster@4.0::IKeymasterDevice/strongbox \
-        --gtest_filter=-EncryptionOperationsTest.RsaNoPaddingShortMessage || return 1
+        --hal_service_instance=android.hardware.keymaster@4.0::IKeymasterDevice/strongbox || return 1
 }
 
 function weaver_cts_tests() {
diff --git a/src/faceauth_tests.cc b/src/faceauth_tests.cc
new file mode 100644
index 0000000..0aae44b
--- /dev/null
+++ b/src/faceauth_tests.cc
@@ -0,0 +1,242 @@
+
+#include <app_nugget.h>
+#include <nos/NuggetClientInterface.h>
+#include <gtest/gtest.h>
+
+#include <memory>
+
+#include "user/faceauth/include/fa_common.h"
+
+#include "nugget_tools.h"
+#include "util.h"
+
+using std::string;
+using std::vector;
+using std::unique_ptr;
+
+namespace {
+
+class FaceAuthTest: public testing::Test {
+ protected:
+  void SetUp() override;
+
+  static void SetUpTestCase();
+  static void TearDownTestCase();
+
+  static unique_ptr<nos::NuggetClientInterface> client;
+  static unique_ptr<test_harness::TestHarness> uart_printer;
+
+  static void Run(const fa_task_t task, const fa_result_t expected);
+
+};
+
+unique_ptr<nos::NuggetClientInterface> FaceAuthTest::client;
+unique_ptr<test_harness::TestHarness> FaceAuthTest::uart_printer;
+
+void FaceAuthTest::SetUpTestCase() {
+  uart_printer = test_harness::TestHarness::MakeUnique();
+
+  client = nugget_tools::MakeNuggetClient();
+  client->Open();
+  EXPECT_TRUE(client->IsOpen()) << "Unable to connect";
+}
+
+void FaceAuthTest::TearDownTestCase() {
+  client->Close();
+  client = unique_ptr<nos::NuggetClientInterface>();
+
+  uart_printer = nullptr;
+}
+
+uint8_t CalcCrc8(const uint8_t *data, int len)
+{
+  unsigned crc = 0;
+  int i, j;
+
+  for (j = len; j; j--, data++) {
+    crc ^= (*data << 8);
+    for (i = 8; i; i--) {
+      if (crc & 0x8000) {
+        crc ^= (0x1070 << 3);
+      }
+      crc <<= 1;
+    }
+  }
+
+  return (uint8_t)(crc >> 8);
+}
+
+static fa_task_t MakeTask(uint64_t session_id, uint32_t profile_id,
+                          uint32_t cmd, uint32_t base)
+{
+  fa_task_t task;
+  memset(&task, base, sizeof(fa_task_t));
+  task.header.version = 1;
+  task.header.session_id = session_id;
+  task.header.profile_id = profile_id;
+  task.header.cmd = cmd;
+  task.header.crc = CalcCrc8(reinterpret_cast<const uint8_t*>(&task.header),
+                             offsetof(struct fa_task_header_t, crc));
+  task.face.version = 1;
+  task.face.valid = 0;
+  task.face.crc = CalcCrc8(reinterpret_cast<const uint8_t*>(&task.face),
+                           offsetof(struct fa_embedding_t, crc));
+
+  return task;
+}
+
+static fa_result_t MakeResult(uint64_t session_id, int32_t error,
+                              int32_t match)
+{
+  fa_result_t result;
+  result.version = 1;
+  result.session_id = session_id;
+  result.error = error;
+  result.match = match;
+  result.complete = 1;
+  result.crc = CalcCrc8(reinterpret_cast<const uint8_t*>(&result),
+                        offsetof(struct fa_result_t, crc));
+  return result;
+}
+
+static vector<uint8_t> Task2Buffer(const fa_task_t* task)
+{
+  vector<uint8_t> buffer;
+  for (size_t i = 0; i < sizeof(fa_task_t); ++i) {
+    buffer.push_back(*(reinterpret_cast<const uint8_t*>(task) + i));
+  }
+  return buffer;
+}
+
+static const fa_result_t Buffer2Result(const vector<uint8_t>& buffer)
+{
+  const fa_result_t result = *(reinterpret_cast<const fa_result_t*>(
+                               buffer.data()));
+  return result;
+}
+
+static void EXPECT_RESULT_EQ(const fa_result_t& r1, const fa_result_t& r2)
+{
+  EXPECT_EQ(r1.version, r2.version);
+  EXPECT_EQ(r1.session_id, r2.session_id);
+  EXPECT_EQ(r1.error, r2.error);
+  EXPECT_EQ(r1.match, r2.match);
+  EXPECT_EQ(r1.complete, r2.complete);
+}
+
+void FaceAuthTest::Run(const fa_task_t task, const fa_result_t expected)
+{
+  vector<uint8_t> buffer;
+  buffer.resize(1024);
+  ASSERT_NO_ERROR(FaceAuthTest::client->CallApp(
+         APP_ID_FACEAUTH_TEST, 1, Task2Buffer(&task), &buffer), "");
+  const fa_result_t observed = Buffer2Result(buffer);
+  EXPECT_RESULT_EQ(expected, observed);
+}
+
+void FaceAuthTest::SetUp() {
+  for (int profiles = 1; profiles <= MAX_NUM_PROFILES; ++profiles) {
+    Run(MakeTask(0x0, profiles, FACEAUTH_CMD_ERASE, 0x00),
+        MakeResult(0x0, FACEAUTH_SUCCESS, FACEAUTH_NOMATCH));
+  }
+}
+
+TEST_F(FaceAuthTest, SimpleMatchMismatchTest) {
+  uint64_t session_id = 0xFACE000011110000ull;
+  session_id++;
+  Run(MakeTask(session_id, 0x1, FACEAUTH_CMD_COMP, 0x11),
+      MakeResult(session_id, FACEAUTH_SUCCESS, FACEAUTH_NOMATCH));
+  session_id++;
+  Run(MakeTask(session_id, 0x1, FACEAUTH_CMD_ENROLL, 0x11),
+      MakeResult(session_id, FACEAUTH_SUCCESS, FACEAUTH_NOMATCH));
+  session_id++;
+  Run(MakeTask(session_id, 0x1, FACEAUTH_CMD_COMP, 0x11),
+      MakeResult(session_id, FACEAUTH_SUCCESS, FACEAUTH_MATCH));
+  session_id++;
+  Run(MakeTask(session_id, 0x1, FACEAUTH_CMD_ERASE, 0x00),
+      MakeResult(session_id, FACEAUTH_SUCCESS, FACEAUTH_NOMATCH));
+  session_id++;
+  Run(MakeTask(session_id, 0x1, FACEAUTH_CMD_COMP, 0x11),
+      MakeResult(session_id, FACEAUTH_SUCCESS, FACEAUTH_NOMATCH));
+}
+
+TEST_F(FaceAuthTest, FullMatchMismatchTest) {
+  uint64_t session_id = 0xFACE000022220000ull;
+  for (int i = 0; i < 20; ++i) {
+    session_id++;
+    Run(MakeTask(session_id, 0x1, FACEAUTH_CMD_ENROLL, (i == 17) ? 0x11 : 0x0),
+        MakeResult(session_id, FACEAUTH_SUCCESS, FACEAUTH_NOMATCH));
+  }
+
+  for (int i = 0; i < 20; ++i) {
+    session_id++;
+    Run(MakeTask(session_id, 0x2, FACEAUTH_CMD_ENROLL, (i == 11) ? 0xAA : 0x0),
+        MakeResult(session_id, FACEAUTH_SUCCESS, FACEAUTH_NOMATCH));
+  }
+
+  session_id++;
+  Run(MakeTask(session_id, 0x1, FACEAUTH_CMD_COMP, 0x11),
+      MakeResult(session_id, FACEAUTH_SUCCESS, FACEAUTH_MATCH));
+  session_id++;
+  Run(MakeTask(session_id, 0x1, FACEAUTH_CMD_COMP, 0xAA),
+      MakeResult(session_id, FACEAUTH_SUCCESS, FACEAUTH_NOMATCH));
+  session_id++;
+  Run(MakeTask(session_id, 0x2, FACEAUTH_CMD_COMP, 0x11),
+      MakeResult(session_id, FACEAUTH_SUCCESS, FACEAUTH_NOMATCH));
+  session_id++;
+  Run(MakeTask(session_id, 0x2, FACEAUTH_CMD_COMP, 0xAA),
+      MakeResult(session_id, FACEAUTH_SUCCESS, FACEAUTH_MATCH));
+}
+
+TEST_F(FaceAuthTest, SFSFullTest) {
+  uint64_t session_id = 0xFACE000033330000ull;
+  for (int i = 0; i < 20; ++i) {
+    session_id++;
+    Run(MakeTask(session_id, 0x1, FACEAUTH_CMD_ENROLL, 0x0),
+        MakeResult(session_id, FACEAUTH_SUCCESS, FACEAUTH_NOMATCH));
+  }
+
+  session_id++;
+  Run(MakeTask(session_id, 0x1, FACEAUTH_CMD_ENROLL, 0x0),
+      MakeResult(session_id, FACEAUTH_ERR_SFS_FULL, FACEAUTH_NOMATCH));
+}
+
+TEST_F(FaceAuthTest, LockoutTest) {
+  uint64_t session_id = 0xFACE000044440000ull;
+  for (int i = 0; i < 5; ++i) {
+    session_id++;
+    Run(MakeTask(session_id, 0x1, FACEAUTH_CMD_COMP, 0x0),
+        MakeResult(session_id, FACEAUTH_SUCCESS, FACEAUTH_NOMATCH));
+  }
+
+  session_id++;
+  Run(MakeTask(session_id, 0x1, FACEAUTH_CMD_COMP, 0x0),
+      MakeResult(session_id, FACEAUTH_ERR_THROTTLE, FACEAUTH_NOMATCH));
+}
+
+TEST_F(FaceAuthTest, ValidProfileIDTest) {
+  uint64_t session_id = 0xFACE000055550000ull;
+  session_id++;
+  Run(MakeTask(session_id, 0x0, FACEAUTH_CMD_ENROLL, 0x0),
+      MakeResult(session_id, FACEAUTH_ERR_INVALID_ARGS, FACEAUTH_NOMATCH));
+
+  for (int i = 1; i <= MAX_NUM_PROFILES; ++i) {
+    session_id++;
+    Run(MakeTask(session_id, i, FACEAUTH_CMD_ENROLL, 0x0),
+        MakeResult(session_id, FACEAUTH_SUCCESS, FACEAUTH_NOMATCH));
+  }
+
+  session_id++;
+  Run(MakeTask(session_id, MAX_NUM_PROFILES + 1, FACEAUTH_CMD_ENROLL, 0x0),
+      MakeResult(session_id, FACEAUTH_ERR_INVALID_ARGS, FACEAUTH_NOMATCH));
+}
+
+TEST_F(FaceAuthTest, InvalidCommandTest) {
+  uint64_t session_id = 0xFACE000066660000ull;
+  session_id++;
+  Run(MakeTask(session_id, 0x1, 0x0, 0x0),
+      MakeResult(session_id, FACEAUTH_ERR_INVALID_ARGS, FACEAUTH_NOMATCH));
+}
+
+}
+