Small refactor of signing/verification tests, to facilitate DSA testing.

Change-Id: I68a8f83d85993f320a0e05e39cefc56bb2823b7d
diff --git a/google_keymaster_test.cpp b/google_keymaster_test.cpp
index fc0e34a..54b8f64 100644
--- a/google_keymaster_test.cpp
+++ b/google_keymaster_test.cpp
@@ -342,14 +342,17 @@
     EXPECT_EQ(gen_rsp.unenforced, rsp.unenforced);
 }
 
+/**
+ * Test class that provides some infrastructure for generating keys and signing messages.
+ */
 class SigningOperationsTest : public KeymasterTest {
   protected:
-    keymaster_key_blob_t* GenerateKey(keymaster_digest_t digest, keymaster_padding_t padding,
-                                      uint32_t key_size) {
+    void GenerateKey(keymaster_algorithm_t algorithm, keymaster_digest_t digest,
+                     keymaster_padding_t padding, uint32_t key_size) {
         keymaster_key_param_t params[] = {
             Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
             Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
-            Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
+            Authorization(TAG_ALGORITHM, algorithm),
             Authorization(TAG_KEY_SIZE, key_size),
             Authorization(TAG_USER_ID, 7),
             Authorization(TAG_USER_AUTH_ID, 8),
@@ -364,25 +367,57 @@
             generate_request.key_description.push_back(TAG_PADDING, padding);
         device.GenerateKey(generate_request, &generate_response_);
         EXPECT_EQ(KM_ERROR_OK, generate_response_.error);
+    }
 
-        // This is safe because generate_response_ lives as long as the test and will keep the key
-        // blob around.
-        return &generate_response_.key_blob;
+    void SignMessage(const void* message, size_t size) {
+        BeginOperationRequest begin_request;
+        BeginOperationResponse begin_response;
+        begin_request.SetKeyMaterial(generate_response_.key_blob);
+        begin_request.purpose = KM_PURPOSE_SIGN;
+        AddClientParams(&begin_request.additional_params);
+
+        device.BeginOperation(begin_request, &begin_response);
+        ASSERT_EQ(KM_ERROR_OK, begin_response.error);
+
+        UpdateOperationRequest update_request;
+        UpdateOperationResponse update_response;
+        update_request.op_handle = begin_response.op_handle;
+        update_request.input.Reinitialize(message, size);
+        EXPECT_EQ(size, update_request.input.available_read());
+
+        device.UpdateOperation(update_request, &update_response);
+        ASSERT_EQ(KM_ERROR_OK, update_response.error);
+        EXPECT_EQ(0U, update_response.output.available_read());
+
+        FinishOperationRequest finish_request;
+        finish_request.op_handle = begin_response.op_handle;
+        device.FinishOperation(finish_request, &finish_response_);
+        ASSERT_EQ(KM_ERROR_OK, finish_response_.error);
+        EXPECT_GT(finish_response_.output.available_read(), 0U);
+    }
+
+    void AddClientParams(AuthorizationSet* set) { set->push_back(TAG_APPLICATION_ID, "app_id", 6); }
+
+    const keymaster_key_blob_t& key_blob() { return generate_response_.key_blob; }
+    Buffer* signature() {
+        if (finish_response_.error == KM_ERROR_OK)
+            return &finish_response_.output;
+        return NULL;
     }
 
   private:
     GenerateKeyResponse generate_response_;
+    FinishOperationResponse finish_response_;
 };
 
 TEST_F(SigningOperationsTest, RsaSuccess) {
-    keymaster_key_blob_t* key = GenerateKey(KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
-    ASSERT_TRUE(key != NULL);
+    GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
 
     BeginOperationRequest begin_request;
     BeginOperationResponse begin_response;
-    begin_request.SetKeyMaterial(*key);
+    begin_request.SetKeyMaterial(key_blob());
     begin_request.purpose = KM_PURPOSE_SIGN;
-    begin_request.additional_params.push_back(TAG_APPLICATION_ID, "app_id", 6);
+    AddClientParams(&begin_request.additional_params);
 
     device.BeginOperation(begin_request, &begin_response);
     ASSERT_EQ(KM_ERROR_OK, begin_response.error);
@@ -408,14 +443,13 @@
 }
 
 TEST_F(SigningOperationsTest, RsaAbort) {
-    keymaster_key_blob_t* key = GenerateKey(KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
-    ASSERT_TRUE(key != NULL);
+    GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
 
     BeginOperationRequest begin_request;
     BeginOperationResponse begin_response;
-    begin_request.SetKeyMaterial(*key);
+    begin_request.SetKeyMaterial(key_blob());
     begin_request.purpose = KM_PURPOSE_SIGN;
-    begin_request.additional_params.push_back(TAG_APPLICATION_ID, "app_id", 6);
+    AddClientParams(&begin_request.additional_params);
 
     device.BeginOperation(begin_request, &begin_response);
     ASSERT_EQ(KM_ERROR_OK, begin_response.error);
@@ -427,14 +461,13 @@
 }
 
 TEST_F(SigningOperationsTest, RsaUnsupportedDigest) {
-    keymaster_key_blob_t* key = GenerateKey(KM_DIGEST_SHA_2_256, KM_PAD_NONE, 256 /* key size */);
-    ASSERT_TRUE(key != NULL);
+    GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_SHA_2_256, KM_PAD_NONE, 256 /* key size */);
 
     BeginOperationRequest begin_request;
     BeginOperationResponse begin_response;
     begin_request.purpose = KM_PURPOSE_SIGN;
-    begin_request.SetKeyMaterial(*key);
-    begin_request.additional_params.push_back(TAG_APPLICATION_ID, "app_id", 6);
+    begin_request.SetKeyMaterial(key_blob());
+    AddClientParams(&begin_request.additional_params);
 
     device.BeginOperation(begin_request, &begin_response);
     ASSERT_EQ(KM_ERROR_UNSUPPORTED_DIGEST, begin_response.error);
@@ -443,14 +476,13 @@
 }
 
 TEST_F(SigningOperationsTest, RsaUnsupportedPadding) {
-    keymaster_key_blob_t* key = GenerateKey(KM_DIGEST_NONE, KM_PAD_RSA_OAEP, 256 /* key size */);
-    ASSERT_TRUE(key != NULL);
+    GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_RSA_OAEP, 256 /* key size */);
 
     BeginOperationRequest begin_request;
     BeginOperationResponse begin_response;
     begin_request.purpose = KM_PURPOSE_SIGN;
-    begin_request.SetKeyMaterial(*key);
-    begin_request.additional_params.push_back(TAG_APPLICATION_ID, "app_id", 6);
+    begin_request.SetKeyMaterial(key_blob());
+    AddClientParams(&begin_request.additional_params);
 
     device.BeginOperation(begin_request, &begin_response);
     ASSERT_EQ(KM_ERROR_UNSUPPORTED_PADDING_MODE, begin_response.error);
@@ -459,15 +491,14 @@
 }
 
 TEST_F(SigningOperationsTest, RsaNoDigest) {
-    keymaster_key_blob_t* key =
-        GenerateKey(static_cast<keymaster_digest_t>(-1), KM_PAD_NONE, 256 /* key size */);
-    ASSERT_TRUE(key != NULL);
+    GenerateKey(KM_ALGORITHM_RSA, static_cast<keymaster_digest_t>(-1), KM_PAD_NONE,
+                256 /* key size */);
 
     BeginOperationRequest begin_request;
     BeginOperationResponse begin_response;
     begin_request.purpose = KM_PURPOSE_SIGN;
-    begin_request.SetKeyMaterial(*key);
-    begin_request.additional_params.push_back(TAG_APPLICATION_ID, "app_id", 6);
+    begin_request.SetKeyMaterial(key_blob());
+    AddClientParams(&begin_request.additional_params);
 
     device.BeginOperation(begin_request, &begin_response);
     ASSERT_EQ(KM_ERROR_UNSUPPORTED_DIGEST, begin_response.error);
@@ -476,15 +507,14 @@
 }
 
 TEST_F(SigningOperationsTest, RsaNoPadding) {
-    keymaster_key_blob_t* key =
-        GenerateKey(KM_DIGEST_NONE, static_cast<keymaster_padding_t>(-1), 256 /* key size */);
-    ASSERT_TRUE(key != NULL);
+    GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, static_cast<keymaster_padding_t>(-1),
+                256 /* key size */);
 
     BeginOperationRequest begin_request;
     BeginOperationResponse begin_response;
     begin_request.purpose = KM_PURPOSE_SIGN;
-    begin_request.SetKeyMaterial(*key);
-    begin_request.additional_params.push_back(TAG_APPLICATION_ID, "app_id", 6);
+    begin_request.SetKeyMaterial(key_blob());
+    AddClientParams(&begin_request.additional_params);
 
     device.BeginOperation(begin_request, &begin_response);
     ASSERT_EQ(KM_ERROR_UNSUPPORTED_PADDING_MODE, begin_response.error);
@@ -493,14 +523,13 @@
 }
 
 TEST_F(SigningOperationsTest, RsaTooShortMessage) {
-    keymaster_key_blob_t* key = GenerateKey(KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
-    ASSERT_TRUE(key != NULL);
+    GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
 
     BeginOperationRequest begin_request;
     BeginOperationResponse begin_response;
-    begin_request.SetKeyMaterial(*key);
+    begin_request.SetKeyMaterial(key_blob());
     begin_request.purpose = KM_PURPOSE_SIGN;
-    begin_request.additional_params.push_back(TAG_APPLICATION_ID, "app_id", 6);
+    AddClientParams(&begin_request.additional_params);
 
     device.BeginOperation(begin_request, &begin_response);
     ASSERT_EQ(KM_ERROR_OK, begin_response.error);
@@ -525,86 +554,18 @@
     EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
 }
 
-class VerificationOperationsTest : public KeymasterTest {
-  protected:
-    VerificationOperationsTest() {
-        generate_response_.error = KM_ERROR_UNKNOWN_ERROR;
-        finish_response_.error = KM_ERROR_UNKNOWN_ERROR;
-    }
-
-    void GenerateKey(keymaster_digest_t digest, keymaster_padding_t padding, uint32_t key_size) {
-        keymaster_key_param_t params[] = {
-            Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
-            Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
-            Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
-            Authorization(TAG_KEY_SIZE, key_size),
-            Authorization(TAG_USER_ID, 7),
-            Authorization(TAG_USER_AUTH_ID, 8),
-            Authorization(TAG_APPLICATION_ID, "app_id", 6),
-            Authorization(TAG_AUTH_TIMEOUT, 300),
-        };
-        GenerateKeyRequest generate_request;
-        generate_request.key_description.Reinitialize(params, array_length(params));
-        if (static_cast<int>(digest) != -1)
-            generate_request.key_description.push_back(TAG_DIGEST, digest);
-        if (static_cast<int>(padding) != -1)
-            generate_request.key_description.push_back(TAG_PADDING, padding);
-        device.GenerateKey(generate_request, &generate_response_);
-        EXPECT_EQ(KM_ERROR_OK, generate_response_.error);
-
-        BeginOperationRequest begin_request;
-        BeginOperationResponse begin_response;
-        begin_request.SetKeyMaterial(generate_response_.key_blob);
-        begin_request.purpose = KM_PURPOSE_SIGN;
-        begin_request.additional_params.push_back(TAG_APPLICATION_ID, "app_id", 6);
-
-        device.BeginOperation(begin_request, &begin_response);
-        ASSERT_EQ(KM_ERROR_OK, begin_response.error);
-
-        UpdateOperationRequest update_request;
-        UpdateOperationResponse update_response;
-        update_request.op_handle = begin_response.op_handle;
-        update_request.input.Reinitialize("012345678901234567890123456789012", 32);
-        EXPECT_EQ(32U, update_request.input.available_read());
-
-        device.UpdateOperation(update_request, &update_response);
-        ASSERT_EQ(KM_ERROR_OK, update_response.error);
-        EXPECT_EQ(0U, update_response.output.available_read());
-
-        FinishOperationRequest finish_request;
-        finish_request.op_handle = begin_response.op_handle;
-        device.FinishOperation(finish_request, &finish_response_);
-        ASSERT_EQ(KM_ERROR_OK, finish_response_.error);
-        EXPECT_GT(finish_response_.output.available_read(), 0U);
-    }
-
-    keymaster_key_blob_t* key_blob() {
-        if (generate_response_.error == KM_ERROR_OK)
-            return &generate_response_.key_blob;
-        return NULL;
-    }
-
-    Buffer* signature() {
-        if (finish_response_.error == KM_ERROR_OK)
-            return &finish_response_.output;
-        return NULL;
-    }
-
-  private:
-    GenerateKeyResponse generate_response_;
-    FinishOperationResponse finish_response_;
-};
-
+typedef SigningOperationsTest VerificationOperationsTest;
 TEST_F(VerificationOperationsTest, RsaSuccess) {
-    GenerateKey(KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
-    ASSERT_TRUE(key_blob() != NULL);
+    GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
+    const char message[] = "12345678901234567890123456789012";
+    SignMessage(message, array_size(message) - 1);
     ASSERT_TRUE(signature() != NULL);
 
     BeginOperationRequest begin_request;
     BeginOperationResponse begin_response;
-    begin_request.SetKeyMaterial(*key_blob());
+    begin_request.SetKeyMaterial(key_blob());
     begin_request.purpose = KM_PURPOSE_VERIFY;
-    begin_request.additional_params.push_back(TAG_APPLICATION_ID, "app_id", 6);
+    AddClientParams(&begin_request.additional_params);
 
     device.BeginOperation(begin_request, &begin_response);
     ASSERT_EQ(KM_ERROR_OK, begin_response.error);
@@ -612,8 +573,8 @@
     UpdateOperationRequest update_request;
     UpdateOperationResponse update_response;
     update_request.op_handle = begin_response.op_handle;
-    update_request.input.Reinitialize("012345678901234567890123456789012", 32);
-    EXPECT_EQ(32U, update_request.input.available_read());
+    update_request.input.Reinitialize(message, array_size(message) - 1);
+    EXPECT_EQ(array_size(message) - 1, update_request.input.available_read());
 
     device.UpdateOperation(update_request, &update_response);
     ASSERT_EQ(KM_ERROR_OK, update_response.error);