Blame - google_keymaster_test.cpp - fp2-dev/platform/system/keymaster

blob: 1ee9c02f30ffe58039cd404acd515ac3a4779e31 [file] [log] [blame]

Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	1	/*
				2	* Copyright (C) 2014 The Android Open Source Project
				3	*
				4	* Licensed under the Apache License, Version 2.0 (the "License");
				5	* you may not use this file except in compliance with the License.
				6	* You may obtain a copy of the License at
				7	*
				8	* http://www.apache.org/licenses/LICENSE-2.0
				9	*
				10	* Unless required by applicable law or agreed to in writing, software
				11	* distributed under the License is distributed on an "AS IS" BASIS,
				12	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
				13	* See the License for the specific language governing permissions and
				14	* limitations under the License.
				15	*/
				16
Shawn Willden	437fbd1	2014-08-20 11:59:49 -0600	[diff] [blame]	17	#include <string>
				18	#include <fstream>
				19
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	20	#include <gtest/gtest.h>
Shawn Willden	7636471	2014-08-11 17:48:04 -0600	[diff] [blame]	21
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	22	#include <openssl/engine.h>
				23
Shawn Willden	98d9b92	2014-08-26 08:14:10 -0600	[diff] [blame]	24	#include <keymaster/google_keymaster_utils.h>
				25	#include <keymaster/keymaster_tags.h>
				26
Shawn Willden	7636471	2014-08-11 17:48:04 -0600	[diff] [blame]	27	#include "google_keymaster_test_utils.h"
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	28	#include "soft_keymaster_device.h"
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	29
Shawn Willden	437fbd1	2014-08-20 11:59:49 -0600	[diff] [blame]	30	using std::string;
				31	using std::ifstream;
				32	using std::istreambuf_iterator;
				33
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	34	int main(int argc, char** argv) {
				35	::testing::InitGoogleTest(&argc, argv);
				36	int result = RUN_ALL_TESTS();
				37	// Clean up stuff OpenSSL leaves around, so Valgrind doesn't complain.
				38	CRYPTO_cleanup_all_ex_data();
Shawn Willden	7c0a82b	2014-09-17 12:57:32 -0600	[diff] [blame]	39	ERR_remove_thread_state(NULL);
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	40	ERR_free_strings();
				41	return result;
				42	}
				43
				44	namespace keymaster {
				45	namespace test {
				46
Shawn Willden	6bbe678	2014-09-18 11:26:15 -0600	[diff] [blame]	47	// Note that these DSA generator, p and q values must match the values from dsa_privkey_pk8.der.
				48	const uint8_t dsa_g[] = {
				49	0x19, 0x1C, 0x71, 0xFD, 0xE0, 0x03, 0x0C, 0x43, 0xD9, 0x0B, 0xF6, 0xCD, 0xD6, 0xA9, 0x70, 0xE7,
				50	0x37, 0x86, 0x3A, 0x78, 0xE9, 0xA7, 0x47, 0xA7, 0x47, 0x06, 0x88, 0xB1, 0xAF, 0xD7, 0xF3, 0xF1,
				51	0xA1, 0xD7, 0x00, 0x61, 0x28, 0x88, 0x31, 0x48, 0x60, 0xD8, 0x11, 0xEF, 0xA5, 0x24, 0x1A, 0x81,
				52	0xC4, 0x2A, 0xE2, 0xEA, 0x0E, 0x36, 0xD2, 0xD2, 0x05, 0x84, 0x37, 0xCF, 0x32, 0x7D, 0x09, 0xE6,
				53	0x0F, 0x8B, 0x0C, 0xC8, 0xC2, 0xA4, 0xB1, 0xDC, 0x80, 0xCA, 0x68, 0xDF, 0xAF, 0xD2, 0x90, 0xC0,
				54	0x37, 0x58, 0x54, 0x36, 0x8F, 0x49, 0xB8, 0x62, 0x75, 0x8B, 0x48, 0x47, 0xC0, 0xBE, 0xF7, 0x9A,
				55	0x92, 0xA6, 0x68, 0x05, 0xDA, 0x9D, 0xAF, 0x72, 0x9A, 0x67, 0xB3, 0xB4, 0x14, 0x03, 0xAE, 0x4F,
				56	0x4C, 0x76, 0xB9, 0xD8, 0x64, 0x0A, 0xBA, 0x3B, 0xA8, 0x00, 0x60, 0x4D, 0xAE, 0x81, 0xC3, 0xC5,
				57	};
				58	const uint8_t dsa_p[] = {
				59	0xA3, 0xF3, 0xE9, 0xB6, 0x7E, 0x7D, 0x88, 0xF6, 0xB7, 0xE5, 0xF5, 0x1F, 0x3B, 0xEE, 0xAC, 0xD7,
				60	0xAD, 0xBC, 0xC9, 0xD1, 0x5A, 0xF8, 0x88, 0xC4, 0xEF, 0x6E, 0x3D, 0x74, 0x19, 0x74, 0xE7, 0xD8,
				61	0xE0, 0x26, 0x44, 0x19, 0x86, 0xAF, 0x19, 0xDB, 0x05, 0xE9, 0x3B, 0x8B, 0x58, 0x58, 0xDE, 0xE5,
				62	0x4F, 0x48, 0x15, 0x01, 0xEA, 0xE6, 0x83, 0x52, 0xD7, 0xC1, 0x21, 0xDF, 0xB9, 0xB8, 0x07, 0x66,
				63	0x50, 0xFB, 0x3A, 0x0C, 0xB3, 0x85, 0xEE, 0xBB, 0x04, 0x5F, 0xC2, 0x6D, 0x6D, 0x95, 0xFA, 0x11,
				64	0x93, 0x1E, 0x59, 0x5B, 0xB1, 0x45, 0x8D, 0xE0, 0x3D, 0x73, 0xAA, 0xF2, 0x41, 0x14, 0x51, 0x07,
				65	0x72, 0x3D, 0xA2, 0xF7, 0x58, 0xCD, 0x11, 0xA1, 0x32, 0xCF, 0xDA, 0x42, 0xB7, 0xCC, 0x32, 0x80,
				66	0xDB, 0x87, 0x82, 0xEC, 0x42, 0xDB, 0x5A, 0x55, 0x24, 0x24, 0xA2, 0xD1, 0x55, 0x29, 0xAD, 0xEB,
				67	};
				68	const uint8_t dsa_q[] = {
				69	0xEB, 0xEA, 0x17, 0xD2, 0x09, 0xB3, 0xD7, 0x21, 0x9A, 0x21,
				70	0x07, 0x82, 0x8F, 0xAB, 0xFE, 0x88, 0x71, 0x68, 0xF7, 0xE3,
				71	};
				72
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	73	const uint64_t OP_HANDLE_SENTINEL = 0xFFFFFFFFFFFFFFFF;
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	74	class KeymasterTest : public testing::Test {
				75	protected:
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	76	KeymasterTest()
				77	: device_(new StdoutLogger), out_params_(NULL), signature_(NULL), characteristics_(NULL) {
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	78	blob_.key_material = NULL;
				79	RAND_seed("foobar", 6);
				80	}
				81	~KeymasterTest() {
				82	FreeCharacteristics();
				83	FreeKeyBlob();
Shawn Willden	d077231	2014-09-18 12:27:57 -0600	[diff] [blame]	84	}
				85
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	86	keymaster_device* device() { return reinterpret_cast<keymaster_device*>(device_.hw_device()); }
				87
Shawn Willden	0d560bf	2014-12-15 17:44:02 -0700	[diff] [blame^]	88	void GenerateKey(AuthorizationSet* params) {
				89	FreeKeyBlob();
				90	FreeCharacteristics();
				91	AddClientParams(params);
				92	EXPECT_EQ(KM_ERROR_OK, device()->generate_key(device(), params->data(), params->size(),
				93	&blob_, &characteristics_));
				94	}
				95
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	96	keymaster_error_t BeginOperation(keymaster_purpose_t purpose,
				97	const keymaster_key_blob_t& key_blob) {
				98	return device()->begin(device(), purpose, &key_blob, client_params_,
				99	array_length(client_params_), &out_params_, &out_params_count_,
				100	&op_handle_);
				101	}
				102
				103	keymaster_error_t UpdateOperation(const void* message, size_t size, string* output,
				104	size_t* input_consumed) {
				105	uint8_t* out_tmp = NULL;
				106	size_t out_length;
				107	keymaster_error_t error =
				108	device()->update(device(), op_handle_, reinterpret_cast<const uint8_t*>(message), size,
				109	input_consumed, &out_tmp, &out_length);
				110	if (out_tmp)
				111	output->append(reinterpret_cast<char*>(out_tmp), out_length);
				112	free(out_tmp);
				113	return error;
				114	}
				115
				116	keymaster_error_t FinishOperation(string* output) {
				117	uint8_t* out_tmp = NULL;
				118	size_t out_length;
				119	keymaster_error_t error =
				120	device()->finish(device(), op_handle_, reinterpret_cast<const uint8_t*>(signature_),
				121	signature_length_, &out_tmp, &out_length);
				122	if (out_tmp)
				123	output->append(reinterpret_cast<char*>(out_tmp), out_length);
				124	free(out_tmp);
				125	return error;
				126	}
				127
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	128	template <typename T> void ExpectContains(T val, T* vals, size_t len) {
				129	EXPECT_EQ(1U, len);
				130	EXPECT_EQ(val, vals[0]);
Shawn Willden	d077231	2014-09-18 12:27:57 -0600	[diff] [blame]	131	}
				132
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	133	void FreeCharacteristics() {
				134	keymaster_free_characteristics(characteristics_);
				135	free(characteristics_);
				136	characteristics_ = NULL;
				137	}
				138
				139	void FreeKeyBlob() {
				140	free(const_cast<uint8_t*>(blob_.key_material));
				141	blob_.key_material = NULL;
				142	}
				143
Shawn Willden	0d560bf	2014-12-15 17:44:02 -0700	[diff] [blame^]	144	void AddClientParams(AuthorizationSet* set) { set->push_back(TAG_APPLICATION_ID, "app_id", 6); }
				145
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	146	const keymaster_key_blob_t& key_blob() { return blob_; }
				147
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	148	SoftKeymasterDevice device_;
				149
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	150	keymaster_blob_t client_id_ = {.data = reinterpret_cast<const uint8_t*>("app_id"),
				151	.data_length = 6};
				152	keymaster_key_param_t client_params_[1] = {
				153	Authorization(TAG_APPLICATION_ID, client_id_.data, client_id_.data_length)};
				154
				155	keymaster_key_param_t* out_params_;
				156	size_t out_params_count_;
				157	uint64_t op_handle_;
				158	size_t input_consumed_;
				159	uint8_t* signature_;
				160	size_t signature_length_;
				161
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	162	AuthorizationSet params_;
				163	keymaster_key_blob_t blob_;
				164	keymaster_key_characteristics_t* characteristics_;
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	165	};
				166
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	167	typedef KeymasterTest CheckSupported;
				168	TEST_F(CheckSupported, SupportedAlgorithms) {
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	169	EXPECT_EQ(KM_ERROR_OUTPUT_PARAMETER_NULL,
				170	device()->get_supported_algorithms(device(), NULL, NULL));
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	171
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	172	size_t len;
				173	keymaster_algorithm_t* algorithms;
				174	EXPECT_EQ(KM_ERROR_OK, device()->get_supported_algorithms(device(), &algorithms, &len));
				175	ASSERT_EQ(4U, len);
				176	EXPECT_EQ(KM_ALGORITHM_RSA, algorithms[0]);
				177	EXPECT_EQ(KM_ALGORITHM_DSA, algorithms[1]);
				178	EXPECT_EQ(KM_ALGORITHM_ECDSA, algorithms[2]);
				179	EXPECT_EQ(KM_ALGORITHM_AES, algorithms[3]);
				180
				181	free(algorithms);
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	182	}
				183
				184	TEST_F(CheckSupported, SupportedBlockModes) {
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	185	EXPECT_EQ(KM_ERROR_OUTPUT_PARAMETER_NULL,
				186	device()->get_supported_block_modes(device(), KM_ALGORITHM_RSA, KM_PURPOSE_ENCRYPT,
				187	NULL, NULL));
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	188
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	189	size_t len;
				190	keymaster_block_mode_t* modes;
				191	EXPECT_EQ(KM_ERROR_UNSUPPORTED_BLOCK_MODE,
				192	device()->get_supported_block_modes(device(), KM_ALGORITHM_RSA, KM_PURPOSE_ENCRYPT,
				193	&modes, &len));
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	194
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	195	EXPECT_EQ(KM_ERROR_UNSUPPORTED_BLOCK_MODE,
				196	device()->get_supported_block_modes(device(), KM_ALGORITHM_DSA, KM_PURPOSE_ENCRYPT,
				197	&modes, &len));
Shawn Willden	28e4147	2014-08-18 13:35:22 -0600	[diff] [blame]	198
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	199	EXPECT_EQ(KM_ERROR_UNSUPPORTED_BLOCK_MODE,
				200	device()->get_supported_block_modes(device(), KM_ALGORITHM_ECDSA, KM_PURPOSE_ENCRYPT,
				201	&modes, &len));
Shawn Willden	c3864dd	2014-08-18 15:20:01 -0600	[diff] [blame]	202
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	203	EXPECT_EQ(KM_ERROR_UNSUPPORTED_BLOCK_MODE,
				204	device()->get_supported_block_modes(device(), KM_ALGORITHM_AES, KM_PURPOSE_ENCRYPT,
				205	&modes, &len));
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	206	}
				207
				208	TEST_F(CheckSupported, SupportedPaddingModes) {
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	209	EXPECT_EQ(KM_ERROR_OUTPUT_PARAMETER_NULL,
				210	device()->get_supported_padding_modes(device(), KM_ALGORITHM_RSA, KM_PURPOSE_ENCRYPT,
				211	NULL, NULL));
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	212
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	213	size_t len;
				214	keymaster_padding_t* modes;
				215	EXPECT_EQ(KM_ERROR_OK, device()->get_supported_padding_modes(device(), KM_ALGORITHM_RSA,
				216	KM_PURPOSE_SIGN, &modes, &len));
				217	ExpectContains(KM_PAD_NONE, modes, len);
				218	free(modes);
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	219
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	220	EXPECT_EQ(KM_ERROR_OK, device()->get_supported_padding_modes(device(), KM_ALGORITHM_DSA,
				221	KM_PURPOSE_SIGN, &modes, &len));
				222	ExpectContains(KM_PAD_NONE, modes, len);
				223	free(modes);
Shawn Willden	28e4147	2014-08-18 13:35:22 -0600	[diff] [blame]	224
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	225	EXPECT_EQ(KM_ERROR_OK, device()->get_supported_padding_modes(device(), KM_ALGORITHM_ECDSA,
				226	KM_PURPOSE_SIGN, &modes, &len));
				227	ExpectContains(KM_PAD_NONE, modes, len);
				228	free(modes);
Shawn Willden	c3864dd	2014-08-18 15:20:01 -0600	[diff] [blame]	229
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	230	EXPECT_EQ(KM_ERROR_OK, device()->get_supported_padding_modes(device(), KM_ALGORITHM_AES,
				231	KM_PURPOSE_SIGN, &modes, &len));
				232	EXPECT_EQ(0, len);
				233	free(modes);
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	234	}
				235
				236	TEST_F(CheckSupported, SupportedDigests) {
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	237	EXPECT_EQ(
				238	KM_ERROR_OUTPUT_PARAMETER_NULL,
				239	device()->get_supported_digests(device(), KM_ALGORITHM_RSA, KM_PURPOSE_SIGN, NULL, NULL));
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	240
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	241	size_t len;
				242	keymaster_digest_t* digests;
				243	EXPECT_EQ(KM_ERROR_OK, device()->get_supported_digests(device(), KM_ALGORITHM_RSA,
				244	KM_PURPOSE_SIGN, &digests, &len));
				245	ExpectContains(KM_DIGEST_NONE, digests, len);
				246	free(digests);
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	247
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	248	EXPECT_EQ(KM_ERROR_OK, device()->get_supported_digests(device(), KM_ALGORITHM_DSA,
				249	KM_PURPOSE_SIGN, &digests, &len));
				250	ExpectContains(KM_DIGEST_NONE, digests, len);
				251	free(digests);
Shawn Willden	28e4147	2014-08-18 13:35:22 -0600	[diff] [blame]	252
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	253	EXPECT_EQ(KM_ERROR_OK, device()->get_supported_digests(device(), KM_ALGORITHM_ECDSA,
				254	KM_PURPOSE_SIGN, &digests, &len));
				255	ExpectContains(KM_DIGEST_NONE, digests, len);
				256	free(digests);
Shawn Willden	c3864dd	2014-08-18 15:20:01 -0600	[diff] [blame]	257
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	258	EXPECT_EQ(KM_ERROR_OK, device()->get_supported_digests(device(), KM_ALGORITHM_AES,
				259	KM_PURPOSE_SIGN, &digests, &len));
				260	EXPECT_EQ(0, len);
				261	free(digests);
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	262	}
				263
				264	TEST_F(CheckSupported, SupportedImportFormats) {
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	265	EXPECT_EQ(KM_ERROR_OUTPUT_PARAMETER_NULL,
				266	device()->get_supported_import_formats(device(), KM_ALGORITHM_RSA, NULL, NULL));
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	267
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	268	size_t len;
				269	keymaster_key_format_t* formats;
				270	EXPECT_EQ(KM_ERROR_OK,
				271	device()->get_supported_import_formats(device(), KM_ALGORITHM_RSA, &formats, &len));
				272	ExpectContains(KM_KEY_FORMAT_PKCS8, formats, len);
				273	free(formats);
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	274
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	275	EXPECT_EQ(KM_ERROR_OK,
				276	device()->get_supported_import_formats(device(), KM_ALGORITHM_DSA, &formats, &len));
				277	ExpectContains(KM_KEY_FORMAT_PKCS8, formats, len);
				278	free(formats);
Shawn Willden	28e4147	2014-08-18 13:35:22 -0600	[diff] [blame]	279
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	280	EXPECT_EQ(KM_ERROR_OK,
				281	device()->get_supported_import_formats(device(), KM_ALGORITHM_ECDSA, &formats, &len));
				282	ExpectContains(KM_KEY_FORMAT_PKCS8, formats, len);
				283	free(formats);
Shawn Willden	c3864dd	2014-08-18 15:20:01 -0600	[diff] [blame]	284
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	285	EXPECT_EQ(KM_ERROR_OK,
				286	device()->get_supported_import_formats(device(), KM_ALGORITHM_AES, &formats, &len));
				287	EXPECT_EQ(0, len);
				288	free(formats);
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	289	}
				290
				291	TEST_F(CheckSupported, SupportedExportFormats) {
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	292	EXPECT_EQ(KM_ERROR_OUTPUT_PARAMETER_NULL,
				293	device()->get_supported_export_formats(device(), KM_ALGORITHM_RSA, NULL, NULL));
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	294
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	295	size_t len;
				296	keymaster_key_format_t* formats;
				297	EXPECT_EQ(KM_ERROR_OK,
				298	device()->get_supported_export_formats(device(), KM_ALGORITHM_RSA, &formats, &len));
				299	ExpectContains(KM_KEY_FORMAT_X509, formats, len);
				300	free(formats);
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	301
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	302	EXPECT_EQ(KM_ERROR_OK,
				303	device()->get_supported_export_formats(device(), KM_ALGORITHM_DSA, &formats, &len));
				304	ExpectContains(KM_KEY_FORMAT_X509, formats, len);
				305	free(formats);
Shawn Willden	28e4147	2014-08-18 13:35:22 -0600	[diff] [blame]	306
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	307	EXPECT_EQ(KM_ERROR_OK,
				308	device()->get_supported_export_formats(device(), KM_ALGORITHM_ECDSA, &formats, &len));
				309	ExpectContains(KM_KEY_FORMAT_X509, formats, len);
				310	free(formats);
Shawn Willden	c3864dd	2014-08-18 15:20:01 -0600	[diff] [blame]	311
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	312	EXPECT_EQ(KM_ERROR_OK,
				313	device()->get_supported_export_formats(device(), KM_ALGORITHM_AES, &formats, &len));
				314	EXPECT_EQ(0, len);
				315	free(formats);
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	316	}
				317
Shawn Willden	d077231	2014-09-18 12:27:57 -0600	[diff] [blame]	318	keymaster_key_param_t key_generation_base_params[] = {
Shawn Willden	3809b93	2014-12-02 06:59:46 -0700	[diff] [blame]	319	Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
				320	Authorization(TAG_USER_ID, 7), Authorization(TAG_USER_AUTH_ID, 8),
Shawn Willden	d077231	2014-09-18 12:27:57 -0600	[diff] [blame]	321	Authorization(TAG_APPLICATION_ID, "app_id", 6),
Shawn Willden	3809b93	2014-12-02 06:59:46 -0700	[diff] [blame]	322	Authorization(TAG_APPLICATION_DATA, "app_data", 8), Authorization(TAG_AUTH_TIMEOUT, 300),
Shawn Willden	d077231	2014-09-18 12:27:57 -0600	[diff] [blame]	323	};
				324
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	325	TEST_F(KeymasterTest, TestFlags) {
				326	EXPECT_TRUE(device()->flags & KEYMASTER_SOFTWARE_ONLY);
				327	EXPECT_TRUE(device()->flags & KEYMASTER_BLOBS_ARE_STANDALONE);
				328	EXPECT_FALSE(device()->flags & KEYMASTER_SUPPORTS_DSA);
				329	EXPECT_TRUE(device()->flags & KEYMASTER_SUPPORTS_EC);
				330	}
				331
				332	typedef KeymasterTest OldKeyGeneration;
				333
				334	TEST_F(OldKeyGeneration, Rsa) {
				335	keymaster_rsa_keygen_params_t params = {.modulus_size = 256, .public_exponent = 3};
				336	uint8_t* key_blob;
				337	size_t key_blob_length;
				338	EXPECT_EQ(0,
				339	device()->generate_keypair(device(), TYPE_RSA, &params, &key_blob, &key_blob_length));
				340	EXPECT_GT(key_blob_length, 0);
				341
				342	free(key_blob);
				343	}
				344
				345	TEST_F(OldKeyGeneration, Ecdsa) {
				346
				347	keymaster_ec_keygen_params_t params = {.field_size = 256};
				348	uint8_t* key_blob;
				349	size_t key_blob_length;
				350	EXPECT_EQ(0,
				351	device()->generate_keypair(device(), TYPE_EC, &params, &key_blob, &key_blob_length));
				352	EXPECT_GT(key_blob_length, 0);
				353
				354	free(key_blob);
				355	}
				356
Shawn Willden	d077231	2014-09-18 12:27:57 -0600	[diff] [blame]	357	class NewKeyGeneration : public KeymasterTest {
				358	protected:
				359	NewKeyGeneration() {
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	360	params_.Reinitialize(key_generation_base_params, array_length(key_generation_base_params));
Shawn Willden	d077231	2014-09-18 12:27:57 -0600	[diff] [blame]	361	}
				362
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	363	void CheckBaseParams(const AuthorizationSet& auths) {
				364	EXPECT_TRUE(contains(auths, TAG_PURPOSE, KM_PURPOSE_SIGN));
				365	EXPECT_TRUE(contains(auths, TAG_PURPOSE, KM_PURPOSE_VERIFY));
				366	EXPECT_TRUE(contains(auths, TAG_USER_ID, 7));
				367	EXPECT_TRUE(contains(auths, TAG_USER_AUTH_ID, 8));
				368	EXPECT_TRUE(contains(auths, TAG_AUTH_TIMEOUT, 300));
Shawn Willden	d077231	2014-09-18 12:27:57 -0600	[diff] [blame]	369
				370	// Verify that App ID, App data and ROT are NOT included.
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	371	EXPECT_FALSE(contains(auths, TAG_ROOT_OF_TRUST));
				372	EXPECT_FALSE(contains(auths, TAG_APPLICATION_ID));
				373	EXPECT_FALSE(contains(auths, TAG_APPLICATION_DATA));
Shawn Willden	d077231	2014-09-18 12:27:57 -0600	[diff] [blame]	374
				375	// Just for giggles, check that some unexpected tags/values are NOT present.
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	376	EXPECT_FALSE(contains(auths, TAG_PURPOSE, KM_PURPOSE_ENCRYPT));
				377	EXPECT_FALSE(contains(auths, TAG_PURPOSE, KM_PURPOSE_DECRYPT));
				378	EXPECT_FALSE(contains(auths, TAG_AUTH_TIMEOUT, 301));
Shawn Willden	d077231	2014-09-18 12:27:57 -0600	[diff] [blame]	379
				380	// Now check that unspecified, defaulted tags are correct.
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	381	EXPECT_TRUE(contains(auths, TAG_ORIGIN, KM_ORIGIN_SOFTWARE));
				382	EXPECT_TRUE(contains(auths, KM_TAG_CREATION_DATETIME));
Shawn Willden	d077231	2014-09-18 12:27:57 -0600	[diff] [blame]	383	}
Shawn Willden	2079ae8	2015-01-22 13:42:31 -0700	[diff] [blame]	384	};
				385
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	386	struct ParamListDelete {
				387	void operator()(keymaster_key_param_set_t* p) { keymaster_free_param_set(p); }
				388	};
				389
				390	typedef UniquePtr<keymaster_key_param_set_t, ParamListDelete> UniqueParamSetPtr;
				391
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	392	TEST_F(NewKeyGeneration, Rsa) {
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	393	params_.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA));
				394	params_.push_back(Authorization(TAG_KEY_SIZE, 256));
				395	params_.push_back(Authorization(TAG_RSA_PUBLIC_EXPONENT, 3));
				396	ASSERT_EQ(KM_ERROR_OK, device()->generate_key(device(), params_.data(), params_.size(), &blob_,
				397	&characteristics_));
				398	EXPECT_EQ(0U, characteristics_->hw_enforced.length);
				399	AuthorizationSet auths(characteristics_->sw_enforced);
				400	CheckBaseParams(auths);
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	401
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	402	// Check specified tags are all present in auths
				403	EXPECT_TRUE(contains(auths, TAG_ALGORITHM, KM_ALGORITHM_RSA));
				404	EXPECT_TRUE(contains(auths, TAG_KEY_SIZE, 256));
				405	EXPECT_TRUE(contains(auths, TAG_RSA_PUBLIC_EXPONENT, 3));
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	406	}
				407
Shawn Willden	6bbe678	2014-09-18 11:26:15 -0600	[diff] [blame]	408	TEST_F(NewKeyGeneration, RsaDefaultSize) {
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	409	params_.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA));
				410	ASSERT_EQ(KM_ERROR_OK, device()->generate_key(device(), params_.data(), params_.size(), &blob_,
				411	&characteristics_));
Shawn Willden	6bbe678	2014-09-18 11:26:15 -0600	[diff] [blame]	412
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	413	EXPECT_EQ(0U, characteristics_->hw_enforced.length);
				414	AuthorizationSet auths(characteristics_->sw_enforced);
				415	CheckBaseParams(auths);
Shawn Willden	6bbe678	2014-09-18 11:26:15 -0600	[diff] [blame]	416
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	417	// Check specified tags are all present in auths
				418	EXPECT_TRUE(contains(auths, TAG_ALGORITHM, KM_ALGORITHM_RSA));
Shawn Willden	6bbe678	2014-09-18 11:26:15 -0600	[diff] [blame]	419
				420	// Now check that unspecified, defaulted tags are correct.
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	421	EXPECT_TRUE(contains(auths, TAG_RSA_PUBLIC_EXPONENT, 65537));
				422	EXPECT_TRUE(contains(auths, TAG_KEY_SIZE, 2048));
Shawn Willden	6bbe678	2014-09-18 11:26:15 -0600	[diff] [blame]	423	}
				424
Shawn Willden	c3864dd	2014-08-18 15:20:01 -0600	[diff] [blame]	425	TEST_F(NewKeyGeneration, Ecdsa) {
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	426	params_.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_ECDSA));
				427	params_.push_back(Authorization(TAG_KEY_SIZE, 224));
				428	EXPECT_EQ(KM_ERROR_OK, device()->generate_key(device(), params_.data(), params_.size(), &blob_,
				429	&characteristics_));
Shawn Willden	c3864dd	2014-08-18 15:20:01 -0600	[diff] [blame]	430
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	431	EXPECT_EQ(0U, characteristics_->hw_enforced.length);
				432	AuthorizationSet auths(characteristics_->sw_enforced);
				433	CheckBaseParams(auths);
Shawn Willden	c3864dd	2014-08-18 15:20:01 -0600	[diff] [blame]	434
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	435	// Check specified tags are all present in auths characteristics
				436	EXPECT_TRUE(contains(auths, TAG_ALGORITHM, KM_ALGORITHM_ECDSA));
				437	EXPECT_TRUE(contains(auths, TAG_KEY_SIZE, 224));
Shawn Willden	c3864dd	2014-08-18 15:20:01 -0600	[diff] [blame]	438	}
				439
Shawn Willden	6bbe678	2014-09-18 11:26:15 -0600	[diff] [blame]	440	TEST_F(NewKeyGeneration, EcdsaDefaultSize) {
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	441	params_.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_ECDSA));
				442	EXPECT_EQ(KM_ERROR_OK, device()->generate_key(device(), params_.data(), params_.size(), &blob_,
				443	&characteristics_));
Shawn Willden	6bbe678	2014-09-18 11:26:15 -0600	[diff] [blame]	444
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	445	EXPECT_EQ(0U, characteristics_->hw_enforced.length);
				446	AuthorizationSet auths(characteristics_->sw_enforced);
				447	CheckBaseParams(auths);
Shawn Willden	6bbe678	2014-09-18 11:26:15 -0600	[diff] [blame]	448
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	449	// Check specified tags are all present in auths
				450	EXPECT_TRUE(contains(auths, TAG_ALGORITHM, KM_ALGORITHM_ECDSA));
Shawn Willden	6bbe678	2014-09-18 11:26:15 -0600	[diff] [blame]	451
				452	// Now check that unspecified, defaulted tags are correct.
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	453	EXPECT_TRUE(contains(auths, TAG_KEY_SIZE, 224));
Shawn Willden	6bbe678	2014-09-18 11:26:15 -0600	[diff] [blame]	454	}
				455
				456	TEST_F(NewKeyGeneration, EcdsaInvalidSize) {
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	457	params_.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_ECDSA));
				458	params_.push_back(Authorization(TAG_KEY_SIZE, 190));
				459	EXPECT_EQ(KM_ERROR_UNSUPPORTED_KEY_SIZE,
				460	device()->generate_key(device(), params_.data(), params_.size(), &blob_,
				461	&characteristics_));
Shawn Willden	6bbe678	2014-09-18 11:26:15 -0600	[diff] [blame]	462	}
				463
				464	TEST_F(NewKeyGeneration, EcdsaAllValidSizes) {
Shawn Willden	8c856c8	2014-09-26 09:34:36 -0600	[diff] [blame]	465	size_t valid_sizes[] = {224, 256, 384, 521};
Shawn Willden	6bbe678	2014-09-18 11:26:15 -0600	[diff] [blame]	466	for (size_t size : valid_sizes) {
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	467	params_.Reinitialize(key_generation_base_params, array_length(key_generation_base_params));
				468	params_.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_ECDSA));
				469	params_.push_back(Authorization(TAG_KEY_SIZE, size));
				470	EXPECT_EQ(KM_ERROR_OK, device()->generate_key(device(), params_.data(), params_.size(),
				471	&blob_, &characteristics_))
				472	<< "Failed to generate size: " << size;
				473
				474	FreeCharacteristics();
				475	FreeKeyBlob();
Shawn Willden	6bbe678	2014-09-18 11:26:15 -0600	[diff] [blame]	476	}
				477	}
				478
Shawn Willden	19fca88	2015-01-22 16:35:30 -0700	[diff] [blame]	479	TEST_F(NewKeyGeneration, AesOcb) {
				480	keymaster_key_param_t params[] = {
				481	Authorization(TAG_PURPOSE, KM_PURPOSE_ENCRYPT),
				482	Authorization(TAG_PURPOSE, KM_PURPOSE_DECRYPT),
				483	Authorization(TAG_ALGORITHM, KM_ALGORITHM_AES), Authorization(TAG_KEY_SIZE, 128),
				484	Authorization(TAG_BLOCK_MODE, KM_MODE_OCB), Authorization(TAG_CHUNK_LENGTH, 4096),
Shawn Willden	7efb878	2014-12-11 14:07:44 -0700	[diff] [blame]	485	Authorization(TAG_MAC_LENGTH, 16), Authorization(TAG_PADDING, KM_PAD_NONE),
Shawn Willden	19fca88	2015-01-22 16:35:30 -0700	[diff] [blame]	486	};
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	487	params_.Reinitialize(params, array_length(params));
				488	EXPECT_EQ(KM_ERROR_OK, device()->generate_key(device(), params_.data(), params_.size(), &blob_,
				489	&characteristics_));
Shawn Willden	19fca88	2015-01-22 16:35:30 -0700	[diff] [blame]	490	}
				491
				492	TEST_F(NewKeyGeneration, AesOcbInvalidKeySize) {
				493	keymaster_key_param_t params[] = {
				494	Authorization(TAG_PURPOSE, KM_PURPOSE_ENCRYPT),
				495	Authorization(TAG_PURPOSE, KM_PURPOSE_DECRYPT),
Shawn Willden	95e1382	2014-12-15 16:12:16 -0700	[diff] [blame]	496	Authorization(TAG_ALGORITHM, KM_ALGORITHM_AES), Authorization(TAG_KEY_SIZE, 136),
Shawn Willden	19fca88	2015-01-22 16:35:30 -0700	[diff] [blame]	497	Authorization(TAG_BLOCK_MODE, KM_MODE_OCB), Authorization(TAG_CHUNK_LENGTH, 4096),
Shawn Willden	7efb878	2014-12-11 14:07:44 -0700	[diff] [blame]	498	Authorization(TAG_MAC_LENGTH, 16), Authorization(TAG_PADDING, KM_PAD_NONE),
Shawn Willden	19fca88	2015-01-22 16:35:30 -0700	[diff] [blame]	499	};
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	500	params_.Reinitialize(params, array_length(params));
Shawn Willden	95e1382	2014-12-15 16:12:16 -0700	[diff] [blame]	501	EXPECT_EQ(KM_ERROR_OK, device()->generate_key(device(), params_.data(), params_.size(), &blob_,
				502	&characteristics_));
				503
				504	keymaster_key_param_t* out_params;
				505	size_t out_params_count;
				506	uint64_t op_handle;
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	507	EXPECT_EQ(KM_ERROR_UNSUPPORTED_KEY_SIZE,
Shawn Willden	95e1382	2014-12-15 16:12:16 -0700	[diff] [blame]	508	device()->begin(device(), KM_PURPOSE_ENCRYPT, &blob_, NULL, 0, &out_params,
				509	&out_params_count, &op_handle));
				510	free(out_params);
Shawn Willden	19fca88	2015-01-22 16:35:30 -0700	[diff] [blame]	511	}
				512
				513	TEST_F(NewKeyGeneration, AesOcbAllValidSizes) {
				514	keymaster_key_param_t params[] = {
				515	Authorization(TAG_PURPOSE, KM_PURPOSE_ENCRYPT),
				516	Authorization(TAG_PURPOSE, KM_PURPOSE_DECRYPT),
Shawn Willden	7efb878	2014-12-11 14:07:44 -0700	[diff] [blame]	517	Authorization(TAG_ALGORITHM, KM_ALGORITHM_AES), Authorization(TAG_BLOCK_MODE, KM_MODE_OCB),
				518	Authorization(TAG_MAC_LENGTH, 16), Authorization(TAG_CHUNK_LENGTH, 4096),
Shawn Willden	19fca88	2015-01-22 16:35:30 -0700	[diff] [blame]	519	Authorization(TAG_PADDING, KM_PAD_NONE),
				520	};
				521
				522	size_t valid_sizes[] = {128, 192, 256};
				523	for (size_t size : valid_sizes) {
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	524	params_.Reinitialize(params, array_length(params));
				525	params_.push_back(Authorization(TAG_KEY_SIZE, size));
Shawn Willden	95e1382	2014-12-15 16:12:16 -0700	[diff] [blame]	526	FreeCharacteristics();
				527	FreeKeyBlob();
				528
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	529	EXPECT_EQ(KM_ERROR_OK, device()->generate_key(device(), params_.data(), params_.size(),
				530	&blob_, &characteristics_))
				531	<< "Failed to generate size: " << size;
				532
Shawn Willden	95e1382	2014-12-15 16:12:16 -0700	[diff] [blame]	533	keymaster_key_param_t* out_params;
				534	size_t out_params_count;
				535	uint64_t op_handle;
				536	EXPECT_EQ(KM_ERROR_OK, device()->begin(device(), KM_PURPOSE_ENCRYPT, &blob_, NULL, 0,
				537	&out_params, &out_params_count, &op_handle))
				538	<< "Unsupported key size: " << size;
				539	free(out_params);
Shawn Willden	19fca88	2015-01-22 16:35:30 -0700	[diff] [blame]	540	}
				541	}
				542
Shawn Willden	0d560bf	2014-12-15 17:44:02 -0700	[diff] [blame^]	543	TEST_F(NewKeyGeneration, HmacSha256) {
				544	keymaster_key_param_t params[] = {
				545	Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
				546	Authorization(TAG_ALGORITHM, KM_ALGORITHM_HMAC), Authorization(TAG_KEY_SIZE, 128),
				547	Authorization(TAG_MAC_LENGTH, 16), Authorization(TAG_DIGEST, KM_DIGEST_SHA_2_256),
				548	};
				549	EXPECT_EQ(KM_ERROR_OK, device()->generate_key(device(), params, array_length(params), &blob_,
				550	&characteristics_));
				551	}
				552
Shawn Willden	7636471	2014-08-11 17:48:04 -0600	[diff] [blame]	553	typedef KeymasterTest GetKeyCharacteristics;
				554	TEST_F(GetKeyCharacteristics, SimpleRsa) {
				555	keymaster_key_param_t params[] = {
Shawn Willden	3809b93	2014-12-02 06:59:46 -0700	[diff] [blame]	556	Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
				557	Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA), Authorization(TAG_KEY_SIZE, 256),
				558	Authorization(TAG_USER_ID, 7), Authorization(TAG_USER_AUTH_ID, 8),
				559	Authorization(TAG_APPLICATION_ID, "app_id", 6), Authorization(TAG_AUTH_TIMEOUT, 300),
Shawn Willden	7636471	2014-08-11 17:48:04 -0600	[diff] [blame]	560	};
				561
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	562	ASSERT_EQ(KM_ERROR_OK, device()->generate_key(device(), params, array_length(params), &blob_,
				563	&characteristics_));
				564	AuthorizationSet original(characteristics_->sw_enforced);
				565	FreeCharacteristics();
Shawn Willden	7636471	2014-08-11 17:48:04 -0600	[diff] [blame]	566
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	567	keymaster_blob_t client_id = {.data = reinterpret_cast<const uint8_t*>("app_id"),
				568	.data_length = 6};
				569	ASSERT_EQ(KM_ERROR_OK,
				570	device()->get_key_characteristics(device(), &blob_, &client_id, NULL /* app_data */,
				571	&characteristics_));
				572	EXPECT_EQ(original, AuthorizationSet(characteristics_->sw_enforced));
Shawn Willden	7636471	2014-08-11 17:48:04 -0600	[diff] [blame]	573	}
				574
Shawn Willden	61644f3	2014-08-18 13:43:14 -0600	[diff] [blame]	575	/**
				576	* Test class that provides some infrastructure for generating keys and signing messages.
				577	*/
Shawn Willden	1615f2e	2014-08-13 10:37:40 -0600	[diff] [blame]	578	class SigningOperationsTest : public KeymasterTest {
				579	protected:
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	580	SigningOperationsTest() {}
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	581	~SigningOperationsTest() {
				582	// Clean up so (most) tests won't have to.
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	583	FreeSignature();
				584	}
				585
Shawn Willden	0d560bf	2014-12-15 17:44:02 -0700	[diff] [blame^]	586	// TODO(swillden): Refactor and move common test utils to KeymasterTest
				587	using KeymasterTest::GenerateKey;
				588
Shawn Willden	61644f3	2014-08-18 13:43:14 -0600	[diff] [blame]	589	void GenerateKey(keymaster_algorithm_t algorithm, keymaster_digest_t digest,
				590	keymaster_padding_t padding, uint32_t key_size) {
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	591	params_.push_back(Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN));
				592	params_.push_back(Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY));
				593	params_.push_back(Authorization(TAG_ALGORITHM, algorithm));
				594	params_.push_back(Authorization(TAG_KEY_SIZE, key_size));
				595	params_.push_back(Authorization(TAG_USER_ID, 7));
				596	params_.push_back(Authorization(TAG_USER_AUTH_ID, 8));
				597	params_.push_back(Authorization(TAG_APPLICATION_ID, "app_id", 6));
				598	params_.push_back(Authorization(TAG_AUTH_TIMEOUT, 300));
Shawn Willden	43e999e	2014-08-13 13:29:50 -0600	[diff] [blame]	599	if (static_cast<int>(digest) != -1)
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	600	params_.push_back(TAG_DIGEST, digest);
Shawn Willden	43e999e	2014-08-13 13:29:50 -0600	[diff] [blame]	601	if (static_cast<int>(padding) != -1)
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	602	params_.push_back(TAG_PADDING, padding);
				603
				604	EXPECT_EQ(KM_ERROR_OK, device()->generate_key(device(), params_.data(), params_.size(),
				605	&blob_, &characteristics_));
Shawn Willden	61644f3	2014-08-18 13:43:14 -0600	[diff] [blame]	606	}
Shawn Willden	1615f2e	2014-08-13 10:37:40 -0600	[diff] [blame]	607
Shawn Willden	61644f3	2014-08-18 13:43:14 -0600	[diff] [blame]	608	void SignMessage(const void* message, size_t size) {
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	609	EXPECT_EQ(KM_ERROR_OK, BeginOperation(KM_PURPOSE_SIGN, blob_));
				610	string result;
				611	EXPECT_EQ(KM_ERROR_OK, UpdateOperation(message, size, &result, &input_consumed_));
				612	EXPECT_EQ(0, result.length());
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	613	EXPECT_EQ(size, input_consumed_);
				614
				615	EXPECT_EQ(KM_ERROR_OK,
				616	device()->finish(device(), op_handle_, NULL /* signature to verify */,
				617	0 /* signature to verify length */, &signature_,
				618	&signature_length_));
				619	EXPECT_GT(signature_length_, 0);
Shawn Willden	437fbd1	2014-08-20 11:59:49 -0600	[diff] [blame]	620	}
				621
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	622	void FreeSignature() {
				623	free(signature_);
				624	signature_ = NULL;
Shawn Willden	f268d74	2014-08-19 15:36:26 -0600	[diff] [blame]	625	}
				626
Shawn Willden	0d560bf	2014-12-15 17:44:02 -0700	[diff] [blame^]	627	const keymaster_key_blob_t& key_blob() { return blob_; }
				628
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	629	void corrupt_key_blob() {
				630	uint8_t* tmp = const_cast<uint8_t*>(blob_.key_material);
				631	++tmp[blob_.key_material_size / 2];
Shawn Willden	1615f2e	2014-08-13 10:37:40 -0600	[diff] [blame]	632	}
Shawn Willden	1615f2e	2014-08-13 10:37:40 -0600	[diff] [blame]	633	};
				634
				635	TEST_F(SigningOperationsTest, RsaSuccess) {
Shawn Willden	61644f3	2014-08-18 13:43:14 -0600	[diff] [blame]	636	GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
Shawn Willden	ffd790c	2014-08-18 21:20:06 -0600	[diff] [blame]	637	const char message[] = "12345678901234567890123456789012";
Shawn Willden	d05cba5	2014-09-26 09:58:12 -0600	[diff] [blame]	638	SignMessage(message, array_size(message) - 1);
Shawn Willden	1615f2e	2014-08-13 10:37:40 -0600	[diff] [blame]	639	}
				640
Shawn Willden	5ac2f8f	2014-08-18 15:33:10 -0600	[diff] [blame]	641	TEST_F(SigningOperationsTest, EcdsaSuccess) {
Shawn Willden	8c856c8	2014-09-26 09:34:36 -0600	[diff] [blame]	642	GenerateKey(KM_ALGORITHM_ECDSA, KM_DIGEST_NONE, KM_PAD_NONE, 224 /* key size */);
Shawn Willden	d05cba5	2014-09-26 09:58:12 -0600	[diff] [blame]	643	const char message[] = "123456789012345678901234567890123456789012345678";
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	644	string signature;
Shawn Willden	d05cba5	2014-09-26 09:58:12 -0600	[diff] [blame]	645	SignMessage(message, array_size(message) - 1);
Shawn Willden	5ac2f8f	2014-08-18 15:33:10 -0600	[diff] [blame]	646	}
				647
Shawn Willden	1615f2e	2014-08-13 10:37:40 -0600	[diff] [blame]	648	TEST_F(SigningOperationsTest, RsaAbort) {
Shawn Willden	61644f3	2014-08-18 13:43:14 -0600	[diff] [blame]	649	GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	650	ASSERT_EQ(KM_ERROR_OK, device()->begin(device(), KM_PURPOSE_SIGN, &blob_, client_params_,
				651	array_length(client_params_), &out_params_,
				652	&out_params_count_, &op_handle_));
Shawn Willden	1615f2e	2014-08-13 10:37:40 -0600	[diff] [blame]	653
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	654	EXPECT_EQ(KM_ERROR_OK, device()->abort(device(), op_handle_));
				655	EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device()->abort(device(), op_handle_));
Shawn Willden	1615f2e	2014-08-13 10:37:40 -0600	[diff] [blame]	656	}
				657
				658	TEST_F(SigningOperationsTest, RsaUnsupportedDigest) {
Shawn Willden	61644f3	2014-08-18 13:43:14 -0600	[diff] [blame]	659	GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_SHA_2_256, KM_PAD_NONE, 256 /* key size */);
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	660	ASSERT_EQ(KM_ERROR_UNSUPPORTED_DIGEST,
				661	device()->begin(device(), KM_PURPOSE_SIGN, &blob_, client_params_,
				662	array_length(client_params_), &out_params_, &out_params_count_,
				663	&op_handle_));
				664	EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device()->abort(device(), op_handle_));
Shawn Willden	1615f2e	2014-08-13 10:37:40 -0600	[diff] [blame]	665	}
				666
				667	TEST_F(SigningOperationsTest, RsaUnsupportedPadding) {
Shawn Willden	61644f3	2014-08-18 13:43:14 -0600	[diff] [blame]	668	GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_RSA_OAEP, 256 /* key size */);
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	669	ASSERT_EQ(KM_ERROR_UNSUPPORTED_PADDING_MODE,
				670	device()->begin(device(), KM_PURPOSE_SIGN, &blob_, client_params_,
				671	array_length(client_params_), &out_params_, &out_params_count_,
				672	&op_handle_));
				673	EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device()->abort(device(), op_handle_));
Shawn Willden	1615f2e	2014-08-13 10:37:40 -0600	[diff] [blame]	674	}
				675
				676	TEST_F(SigningOperationsTest, RsaNoDigest) {
Shawn Willden	61644f3	2014-08-18 13:43:14 -0600	[diff] [blame]	677	GenerateKey(KM_ALGORITHM_RSA, static_cast<keymaster_digest_t>(-1), KM_PAD_NONE,
				678	256 /* key size */);
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	679	ASSERT_EQ(KM_ERROR_UNSUPPORTED_DIGEST,
				680	device()->begin(device(), KM_PURPOSE_SIGN, &blob_, client_params_,
				681	array_length(client_params_), &out_params_, &out_params_count_,
				682	&op_handle_));
				683	EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device()->abort(device(), op_handle_));
Shawn Willden	1615f2e	2014-08-13 10:37:40 -0600	[diff] [blame]	684	}
				685
				686	TEST_F(SigningOperationsTest, RsaNoPadding) {
Shawn Willden	61644f3	2014-08-18 13:43:14 -0600	[diff] [blame]	687	GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, static_cast<keymaster_padding_t>(-1),
				688	256 /* key size */);
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	689	ASSERT_EQ(KM_ERROR_UNSUPPORTED_PADDING_MODE,
				690	device()->begin(device(), KM_PURPOSE_SIGN, &blob_, client_params_,
				691	array_length(client_params_), &out_params_, &out_params_count_,
				692	&op_handle_));
				693	EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device()->abort(device(), op_handle_));
Shawn Willden	1615f2e	2014-08-13 10:37:40 -0600	[diff] [blame]	694	}
				695
Shawn Willden	0d560bf	2014-12-15 17:44:02 -0700	[diff] [blame^]	696	TEST_F(SigningOperationsTest, HmacSha256Success) {
				697	keymaster_key_param_t params[] = {
				698	Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
				699	Authorization(TAG_ALGORITHM, KM_ALGORITHM_HMAC), Authorization(TAG_KEY_SIZE, 128),
				700	Authorization(TAG_MAC_LENGTH, 32), Authorization(TAG_DIGEST, KM_DIGEST_SHA_2_256),
				701	Authorization(TAG_USER_ID, 7), Authorization(TAG_USER_AUTH_ID, 8),
				702	Authorization(TAG_AUTH_TIMEOUT, 300),
				703	};
				704	params_.Reinitialize(params, array_length(params));
				705	GenerateKey(&params_);
				706	const char message[] = "12345678901234567890123456789012";
				707	string signature;
				708	SignMessage(message, array_size(message) - 1);
				709	ASSERT_EQ(32, signature_length_);
				710	}
				711
				712	// TODO(swillden): Add an HMACSHA256 test that validates against the test vectors from RFC4231.
				713	// Doing that requires being able to import keys, rather than just generate them
				714	// randomly.
				715
				716	TEST_F(SigningOperationsTest, HmacSha256NoTag) {
				717	keymaster_key_param_t params[] = {
				718	Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
				719	Authorization(TAG_ALGORITHM, KM_ALGORITHM_HMAC), Authorization(TAG_KEY_SIZE, 128),
				720	Authorization(TAG_MAC_LENGTH, 16), Authorization(TAG_DIGEST, KM_DIGEST_SHA_2_256),
				721	Authorization(TAG_USER_ID, 7), Authorization(TAG_USER_AUTH_ID, 8),
				722	Authorization(TAG_AUTH_TIMEOUT, 300),
				723	};
				724	params_.Reinitialize(params, array_length(params));
				725	GenerateKey(&params_);
				726	const char message[] = "12345678901234567890123456789012";
				727	string signature;
				728	SignMessage(message, array_size(message) - 1);
				729	}
				730
				731	TEST_F(SigningOperationsTest, HmacSha256TooLargeTag) {
				732	keymaster_key_param_t params[] = {
				733	Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
				734	Authorization(TAG_ALGORITHM, KM_ALGORITHM_HMAC), Authorization(TAG_KEY_SIZE, 128),
				735	Authorization(TAG_MAC_LENGTH, 33), Authorization(TAG_DIGEST, KM_DIGEST_SHA_2_256),
				736	Authorization(TAG_USER_ID, 7), Authorization(TAG_USER_AUTH_ID, 8),
				737	Authorization(TAG_AUTH_TIMEOUT, 300),
				738	};
				739	params_.Reinitialize(params, array_length(params));
				740	GenerateKey(&params_);
				741	ASSERT_EQ(KM_ERROR_UNSUPPORTED_MAC_LENGTH, BeginOperation(KM_PURPOSE_SIGN, key_blob()));
				742	}
				743
Shawn Willden	1615f2e	2014-08-13 10:37:40 -0600	[diff] [blame]	744	TEST_F(SigningOperationsTest, RsaTooShortMessage) {
Shawn Willden	61644f3	2014-08-18 13:43:14 -0600	[diff] [blame]	745	GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	746	ASSERT_EQ(KM_ERROR_OK, BeginOperation(KM_PURPOSE_SIGN, key_blob()));
				747
				748	const char message[] = "012345678901234567890123456789";
				749	string result;
				750	size_t input_consumed;
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	751	ASSERT_EQ(KM_ERROR_OK,
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	752	UpdateOperation(message, array_length(message), &result, &input_consumed));
				753	EXPECT_EQ(0U, result.size());
				754	EXPECT_EQ(31U, input_consumed);
Shawn Willden	1615f2e	2014-08-13 10:37:40 -0600	[diff] [blame]	755
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	756	string signature;
				757	ASSERT_EQ(KM_ERROR_UNKNOWN_ERROR, FinishOperation(&signature));
				758	EXPECT_EQ(0U, signature.length());
Shawn Willden	43e999e	2014-08-13 13:29:50 -0600	[diff] [blame]	759	}
				760
Shawn Willden	d05cba5	2014-09-26 09:58:12 -0600	[diff] [blame]	761	class VerificationOperationsTest : public SigningOperationsTest {
				762	protected:
				763	void VerifyMessage(const void* message, size_t message_len) {
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	764	EXPECT_TRUE(signature_ != NULL);
Shawn Willden	d05cba5	2014-09-26 09:58:12 -0600	[diff] [blame]	765
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	766	EXPECT_EQ(KM_ERROR_OK, BeginOperation(KM_PURPOSE_VERIFY, blob_));
				767	string output;
				768	EXPECT_EQ(KM_ERROR_OK, UpdateOperation(message, message_len, &output, &input_consumed_));
				769	EXPECT_EQ(0U, output.size());
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	770	EXPECT_EQ(message_len, input_consumed_);
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	771	output.clear();
				772	EXPECT_EQ(KM_ERROR_OK, FinishOperation(&output));
				773	EXPECT_EQ(0U, output.size());
Shawn Willden	d05cba5	2014-09-26 09:58:12 -0600	[diff] [blame]	774
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	775	EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device()->abort(device(), op_handle_));
Shawn Willden	d05cba5	2014-09-26 09:58:12 -0600	[diff] [blame]	776	}
				777	};
				778
Shawn Willden	43e999e	2014-08-13 13:29:50 -0600	[diff] [blame]	779	TEST_F(VerificationOperationsTest, RsaSuccess) {
Shawn Willden	61644f3	2014-08-18 13:43:14 -0600	[diff] [blame]	780	GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
				781	const char message[] = "12345678901234567890123456789012";
				782	SignMessage(message, array_size(message) - 1);
Shawn Willden	d05cba5	2014-09-26 09:58:12 -0600	[diff] [blame]	783	VerifyMessage(message, array_size(message) - 1);
Shawn Willden	1615f2e	2014-08-13 10:37:40 -0600	[diff] [blame]	784	}
				785
Shawn Willden	5ac2f8f	2014-08-18 15:33:10 -0600	[diff] [blame]	786	TEST_F(VerificationOperationsTest, EcdsaSuccess) {
Shawn Willden	8c856c8	2014-09-26 09:34:36 -0600	[diff] [blame]	787	GenerateKey(KM_ALGORITHM_ECDSA, KM_DIGEST_NONE, KM_PAD_NONE, 224 /* key size */);
Shawn Willden	5ac2f8f	2014-08-18 15:33:10 -0600	[diff] [blame]	788	const char message[] = "123456789012345678901234567890123456789012345678";
				789	SignMessage(message, array_size(message) - 1);
Shawn Willden	d05cba5	2014-09-26 09:58:12 -0600	[diff] [blame]	790	VerifyMessage(message, array_size(message) - 1);
Shawn Willden	5ac2f8f	2014-08-18 15:33:10 -0600	[diff] [blame]	791	}
				792
Shawn Willden	0d560bf	2014-12-15 17:44:02 -0700	[diff] [blame^]	793	TEST_F(VerificationOperationsTest, HmacSha256Success) {
				794	keymaster_key_param_t params[] = {
				795	Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
				796	Authorization(TAG_ALGORITHM, KM_ALGORITHM_HMAC), Authorization(TAG_KEY_SIZE, 128),
				797	Authorization(TAG_MAC_LENGTH, 16), Authorization(TAG_DIGEST, KM_DIGEST_SHA_2_256),
				798	Authorization(TAG_USER_ID, 7), Authorization(TAG_USER_AUTH_ID, 8),
				799	Authorization(TAG_AUTH_TIMEOUT, 300),
				800	};
				801	params_.Reinitialize(params, array_length(params));
				802	GenerateKey(&params_);
				803	const char message[] = "123456789012345678901234567890123456789012345678";
				804	string signature;
				805	SignMessage(message, array_size(message) - 1);
				806	VerifyMessage(message, array_size(message) - 1);
				807	}
				808
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	809	typedef VerificationOperationsTest ExportKeyTest;
Shawn Willden	ffd790c	2014-08-18 21:20:06 -0600	[diff] [blame]	810	TEST_F(ExportKeyTest, RsaSuccess) {
				811	GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
Shawn Willden	ffd790c	2014-08-18 21:20:06 -0600	[diff] [blame]	812
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	813	uint8_t* export_data;
				814	size_t export_data_length;
				815	ASSERT_EQ(KM_ERROR_OK,
				816	device()->export_key(device(), KM_KEY_FORMAT_X509, &blob_, &client_id_,
				817	NULL /* app_data */, &export_data, &export_data_length));
				818	EXPECT_TRUE(export_data != NULL);
				819	EXPECT_GT(export_data_length, 0);
Shawn Willden	e46a43f	2014-08-27 10:35:36 -0600	[diff] [blame]	820
				821	// TODO(swillden): Verify that the exported key is actually usable to verify signatures.
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	822	free(export_data);
Shawn Willden	ffd790c	2014-08-18 21:20:06 -0600	[diff] [blame]	823	}
				824
Shawn Willden	f268d74	2014-08-19 15:36:26 -0600	[diff] [blame]	825	TEST_F(ExportKeyTest, EcdsaSuccess) {
Shawn Willden	8c856c8	2014-09-26 09:34:36 -0600	[diff] [blame]	826	GenerateKey(KM_ALGORITHM_ECDSA, KM_DIGEST_NONE, KM_PAD_NONE, 224 /* key size */);
Shawn Willden	f268d74	2014-08-19 15:36:26 -0600	[diff] [blame]	827
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	828	uint8_t* export_data;
				829	size_t export_data_length;
				830	ASSERT_EQ(KM_ERROR_OK,
				831	device()->export_key(device(), KM_KEY_FORMAT_X509, &blob_, &client_id_,
				832	NULL /* app_data */, &export_data, &export_data_length));
				833	EXPECT_TRUE(export_data != NULL);
				834	EXPECT_GT(export_data_length, 0);
Shawn Willden	e46a43f	2014-08-27 10:35:36 -0600	[diff] [blame]	835
				836	// TODO(swillden): Verify that the exported key is actually usable to verify signatures.
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	837	free(export_data);
Shawn Willden	f268d74	2014-08-19 15:36:26 -0600	[diff] [blame]	838	}
				839
				840	TEST_F(ExportKeyTest, RsaUnsupportedKeyFormat) {
				841	GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256);
				842
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	843	uint8_t dummy[] = {1};
				844	uint8_t* export_data = dummy; // So it's not NULL;
				845	size_t export_data_length;
				846	ASSERT_EQ(KM_ERROR_UNSUPPORTED_KEY_FORMAT,
				847	device()->export_key(device(), KM_KEY_FORMAT_PKCS8, &blob_, &client_id_,
				848	NULL /* app_data */, &export_data, &export_data_length));
				849	ASSERT_TRUE(export_data == NULL);
Shawn Willden	f268d74	2014-08-19 15:36:26 -0600	[diff] [blame]	850	}
				851
				852	TEST_F(ExportKeyTest, RsaCorruptedKeyBlob) {
				853	GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256);
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	854	corrupt_key_blob();
Shawn Willden	f268d74	2014-08-19 15:36:26 -0600	[diff] [blame]	855
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	856	uint8_t dummy[] = {1};
				857	uint8_t* export_data = dummy; // So it's not NULL
				858	size_t export_data_length;
				859	ASSERT_EQ(KM_ERROR_INVALID_KEY_BLOB,
				860	device()->export_key(device(), KM_KEY_FORMAT_X509, &blob_, &client_id_,
				861	NULL /* app_data */, &export_data, &export_data_length));
				862	ASSERT_TRUE(export_data == NULL);
Shawn Willden	f268d74	2014-08-19 15:36:26 -0600	[diff] [blame]	863	}
				864
Shawn Willden	437fbd1	2014-08-20 11:59:49 -0600	[diff] [blame]	865	static string read_file(const string& file_name) {
				866	ifstream file_stream(file_name, std::ios::binary);
				867	istreambuf_iterator<char> file_begin(file_stream);
				868	istreambuf_iterator<char> file_end;
				869	return string(file_begin, file_end);
				870	}
				871
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	872	class ImportKeyTest : public VerificationOperationsTest {
				873	protected:
				874	ImportKeyTest() {
				875	params_.push_back(Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN));
				876	params_.push_back(Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY));
				877	params_.push_back(Authorization(TAG_DIGEST, KM_DIGEST_NONE));
				878	params_.push_back(Authorization(TAG_PADDING, KM_PAD_NONE));
				879	params_.push_back(Authorization(TAG_USER_ID, 7));
				880	params_.push_back(Authorization(TAG_USER_AUTH_ID, 8));
				881	params_.push_back(Authorization(TAG_APPLICATION_ID, "app_id", 6));
				882	params_.push_back(Authorization(TAG_AUTH_TIMEOUT, 300));
				883	}
				884	};
Brian Carlstrom	ecf2ae9	2015-01-29 09:56:10 -0800	[diff] [blame]	885
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	886	TEST_F(ImportKeyTest, RsaSuccess) {
Shawn Willden	81effc6	2014-08-27 10:08:46 -0600	[diff] [blame]	887	string pk8_key = read_file("rsa_privkey_pk8.der");
Shawn Willden	437fbd1	2014-08-20 11:59:49 -0600	[diff] [blame]	888	ASSERT_EQ(633U, pk8_key.size());
				889
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	890	ASSERT_EQ(KM_ERROR_OK,
				891	device()->import_key(device(), params_.data(), params_.size(), KM_KEY_FORMAT_PKCS8,
				892	reinterpret_cast<const uint8_t*>(pk8_key.data()), pk8_key.size(),
				893	&blob_, &characteristics_));
				894	EXPECT_EQ(0U, characteristics_->hw_enforced.length);
				895	AuthorizationSet auths(characteristics_->sw_enforced);
Shawn Willden	437fbd1	2014-08-20 11:59:49 -0600	[diff] [blame]	896
				897	// Check values derived from the key.
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	898	EXPECT_TRUE(contains(auths, TAG_ALGORITHM, KM_ALGORITHM_RSA));
				899	EXPECT_TRUE(contains(auths, TAG_KEY_SIZE, 1024));
				900	EXPECT_TRUE(contains(auths, TAG_RSA_PUBLIC_EXPONENT, 65537U));
Shawn Willden	437fbd1	2014-08-20 11:59:49 -0600	[diff] [blame]	901
				902	// And values provided by GoogleKeymaster
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	903	EXPECT_TRUE(contains(auths, TAG_ORIGIN, KM_ORIGIN_IMPORTED));
				904	EXPECT_TRUE(contains(auths, KM_TAG_CREATION_DATETIME));
Shawn Willden	437fbd1	2014-08-20 11:59:49 -0600	[diff] [blame]	905
				906	size_t message_len = 1024 / 8;
				907	UniquePtr<uint8_t[]> message(new uint8_t[message_len]);
				908	std::fill(message.get(), message.get() + message_len, 'a');
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	909	SignMessage(message.get(), message_len);
				910	VerifyMessage(message.get(), message_len);
Shawn Willden	437fbd1	2014-08-20 11:59:49 -0600	[diff] [blame]	911	}
				912
Shawn Willden	6bbe678	2014-09-18 11:26:15 -0600	[diff] [blame]	913	TEST_F(ImportKeyTest, RsaKeySizeMismatch) {
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	914	params_.push_back(Authorization(TAG_KEY_SIZE, 2048)); // Doesn't match key
Shawn Willden	6bbe678	2014-09-18 11:26:15 -0600	[diff] [blame]	915
				916	string pk8_key = read_file("rsa_privkey_pk8.der");
				917	ASSERT_EQ(633U, pk8_key.size());
				918
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	919	ASSERT_EQ(KM_ERROR_IMPORT_PARAMETER_MISMATCH,
				920	device()->import_key(device(), params_.data(), params_.size(), KM_KEY_FORMAT_PKCS8,
				921	reinterpret_cast<const uint8_t*>(pk8_key.data()), pk8_key.size(),
				922	&blob_, &characteristics_));
Shawn Willden	6bbe678	2014-09-18 11:26:15 -0600	[diff] [blame]	923	}
				924
				925	TEST_F(ImportKeyTest, RsaPublicExponenMismatch) {
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	926	params_.push_back(Authorization(TAG_RSA_PUBLIC_EXPONENT, 3)); // Doesn't match key
Shawn Willden	6bbe678	2014-09-18 11:26:15 -0600	[diff] [blame]	927
				928	string pk8_key = read_file("rsa_privkey_pk8.der");
				929	ASSERT_EQ(633U, pk8_key.size());
				930
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	931	ASSERT_EQ(KM_ERROR_IMPORT_PARAMETER_MISMATCH,
				932	device()->import_key(device(), params_.data(), params_.size(), KM_KEY_FORMAT_PKCS8,
				933	reinterpret_cast<const uint8_t*>(pk8_key.data()), pk8_key.size(),
				934	&blob_, &characteristics_));
Shawn Willden	6bbe678	2014-09-18 11:26:15 -0600	[diff] [blame]	935	}
				936
Shawn Willden	81effc6	2014-08-27 10:08:46 -0600	[diff] [blame]	937	TEST_F(ImportKeyTest, EcdsaSuccess) {
Shawn Willden	81effc6	2014-08-27 10:08:46 -0600	[diff] [blame]	938	string pk8_key = read_file("ec_privkey_pk8.der");
				939	ASSERT_EQ(138U, pk8_key.size());
				940
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	941	ASSERT_EQ(KM_ERROR_OK,
				942	device()->import_key(device(), params_.data(), params_.size(), KM_KEY_FORMAT_PKCS8,
				943	reinterpret_cast<const uint8_t*>(pk8_key.data()), pk8_key.size(),
				944	&blob_, &characteristics_));
				945	EXPECT_EQ(0U, characteristics_->hw_enforced.length);
				946	AuthorizationSet auths(characteristics_->sw_enforced);
Shawn Willden	81effc6	2014-08-27 10:08:46 -0600	[diff] [blame]	947
				948	// Check values derived from the key.
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	949	EXPECT_TRUE(contains(auths, TAG_ALGORITHM, KM_ALGORITHM_ECDSA));
				950	EXPECT_TRUE(contains(auths, TAG_KEY_SIZE, 256));
Shawn Willden	81effc6	2014-08-27 10:08:46 -0600	[diff] [blame]	951
				952	// And values provided by GoogleKeymaster
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	953	EXPECT_TRUE(contains(auths, TAG_ORIGIN, KM_ORIGIN_IMPORTED));
				954	EXPECT_TRUE(contains(auths, KM_TAG_CREATION_DATETIME));
Shawn Willden	81effc6	2014-08-27 10:08:46 -0600	[diff] [blame]	955
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	956	size_t message_len = 1024;
Shawn Willden	81effc6	2014-08-27 10:08:46 -0600	[diff] [blame]	957	UniquePtr<uint8_t[]> message(new uint8_t[message_len]);
				958	std::fill(message.get(), message.get() + message_len, 'a');
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	959	SignMessage(message.get(), message_len);
				960	VerifyMessage(message.get(), message_len);
Shawn Willden	81effc6	2014-08-27 10:08:46 -0600	[diff] [blame]	961	}
				962
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	963	TEST_F(ImportKeyTest, EcdsaKeySizeMismatch) {
				964	params_.push_back(Authorization(TAG_KEY_SIZE, 224)); // Doesn't match key
Shawn Willden	6bbe678	2014-09-18 11:26:15 -0600	[diff] [blame]	965
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	966	string pk8_key = read_file("rsa_privkey_pk8.der");
				967	ASSERT_EQ(633U, pk8_key.size());
Shawn Willden	6bbe678	2014-09-18 11:26:15 -0600	[diff] [blame]	968
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	969	ASSERT_EQ(KM_ERROR_IMPORT_PARAMETER_MISMATCH,
				970	device()->import_key(device(), params_.data(), params_.size(), KM_KEY_FORMAT_PKCS8,
				971	reinterpret_cast<const uint8_t*>(pk8_key.data()), pk8_key.size(),
				972	&blob_, &characteristics_));
Shawn Willden	6bbe678	2014-09-18 11:26:15 -0600	[diff] [blame]	973	}
				974
Shawn Willden	2665e86	2014-11-24 14:46:21 -0700	[diff] [blame]	975	typedef KeymasterTest VersionTest;
				976	TEST_F(VersionTest, GetVersion) {
				977	GetVersionRequest req;
				978	GetVersionResponse rsp;
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	979	device_.GetVersion(req, &rsp);
Shawn Willden	2665e86	2014-11-24 14:46:21 -0700	[diff] [blame]	980	EXPECT_EQ(KM_ERROR_OK, rsp.error);
				981	EXPECT_EQ(1, rsp.major_ver);
				982	EXPECT_EQ(0, rsp.minor_ver);
				983	EXPECT_EQ(0, rsp.subminor_ver);
				984	}
				985
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	986	/**
				987	* Test class that provides some infrastructure for generating keys and encrypting messages.
				988	*/
				989	class EncryptionOperationsTest : public KeymasterTest {
				990	protected:
Shawn Willden	0d560bf	2014-12-15 17:44:02 -0700	[diff] [blame^]	991	// TODO(swillden): Refactor and move common test utils to KeymasterTest
				992	using KeymasterTest::GenerateKey;
Shawn Willden	be4a2a3	2014-12-15 14:51:10 -0700	[diff] [blame]	993
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	994	void GenerateKey(keymaster_algorithm_t algorithm, keymaster_padding_t padding,
				995	uint32_t key_size) {
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	996	params_.Clear();
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	997	params_.push_back(Authorization(TAG_PURPOSE, KM_PURPOSE_ENCRYPT));
				998	params_.push_back(Authorization(TAG_PURPOSE, KM_PURPOSE_DECRYPT));
				999	params_.push_back(Authorization(TAG_ALGORITHM, algorithm));
				1000	params_.push_back(Authorization(TAG_KEY_SIZE, key_size));
				1001	params_.push_back(Authorization(TAG_USER_ID, 7));
				1002	params_.push_back(Authorization(TAG_USER_AUTH_ID, 8));
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	1003	params_.push_back(Authorization(TAG_AUTH_TIMEOUT, 300));
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1004	if (static_cast<int>(padding) != -1)
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	1005	params_.push_back(TAG_PADDING, padding);
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1006
Shawn Willden	be4a2a3	2014-12-15 14:51:10 -0700	[diff] [blame]	1007	GenerateKey(&params_);
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1008	}
				1009
Shawn Willden	907c301	2014-12-08 15:51:55 -0700	[diff] [blame]	1010	void GenerateSymmetricKey(keymaster_algorithm_t algorithm, uint32_t key_size,
				1011	keymaster_block_mode_t block_mode, uint32_t chunk_length) {
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1012	params_.Clear();
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	1013	params_.push_back(Authorization(TAG_PURPOSE, KM_PURPOSE_ENCRYPT));
				1014	params_.push_back(Authorization(TAG_PURPOSE, KM_PURPOSE_DECRYPT));
				1015	params_.push_back(Authorization(TAG_ALGORITHM, algorithm));
				1016	params_.push_back(Authorization(TAG_BLOCK_MODE, block_mode));
				1017	params_.push_back(Authorization(TAG_CHUNK_LENGTH, chunk_length));
				1018	params_.push_back(Authorization(TAG_KEY_SIZE, key_size));
				1019	params_.push_back(Authorization(TAG_MAC_LENGTH, 16));
				1020	params_.push_back(Authorization(TAG_USER_ID, 7));
				1021	params_.push_back(Authorization(TAG_USER_AUTH_ID, 8));
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	1022	params_.push_back(Authorization(TAG_AUTH_TIMEOUT, 300));
				1023
Shawn Willden	be4a2a3	2014-12-15 14:51:10 -0700	[diff] [blame]	1024	GenerateKey(&params_);
Shawn Willden	907c301	2014-12-08 15:51:55 -0700	[diff] [blame]	1025	}
				1026
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1027	string ProcessMessage(keymaster_purpose_t purpose, const keymaster_key_blob_t& key_blob,
				1028	const void* message, size_t size) {
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	1029	EXPECT_EQ(KM_ERROR_OK, BeginOperation(purpose, key_blob));
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1030
				1031	string result;
Shawn Willden	b736113	2014-12-08 08:15:14 -0700	[diff] [blame]	1032	size_t input_consumed;
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	1033	EXPECT_EQ(KM_ERROR_OK, UpdateOperation(message, size, &result, &input_consumed));
Shawn Willden	b736113	2014-12-08 08:15:14 -0700	[diff] [blame]	1034	EXPECT_EQ(size, input_consumed);
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	1035	EXPECT_EQ(KM_ERROR_OK, FinishOperation(&result));
				1036	EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device()->abort(device(), op_handle_));
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1037	return result;
				1038	}
				1039
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1040	string EncryptMessage(const string& message) {
				1041	return ProcessMessage(KM_PURPOSE_ENCRYPT, blob_, message.c_str(), message.length());
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1042	}
				1043
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1044	string DecryptMessage(const string& ciphertext) {
				1045	return ProcessMessage(KM_PURPOSE_DECRYPT, blob_, ciphertext.c_str(), ciphertext.length());
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1046	}
				1047
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	1048	const void corrupt_key_blob() {
				1049	uint8_t* tmp = const_cast<uint8_t*>(blob_.key_material);
				1050	++tmp[blob_.key_material_size / 2];
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1051	}
				1052
Shawn Willden	5b53c99	2015-02-02 08:05:25 -0700	[diff] [blame]	1053	keymaster_blob_t client_id_ = {.data = reinterpret_cast<const uint8_t*>("app_id"),
				1054	.data_length = 6};
				1055	keymaster_key_param_t client_params_[1] = {
				1056	Authorization(TAG_APPLICATION_ID, client_id_.data, client_id_.data_length)};
				1057
				1058	keymaster_key_param_t* out_params_;
				1059	size_t out_params_count_;
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1060	};
				1061
				1062	TEST_F(EncryptionOperationsTest, RsaOaepSuccess) {
				1063	GenerateKey(KM_ALGORITHM_RSA, KM_PAD_RSA_OAEP, 512);
				1064	const char message[] = "Hello World!";
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1065	string ciphertext1 = EncryptMessage(string(message));
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1066	EXPECT_EQ(512 / 8, ciphertext1.size());
				1067
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1068	string ciphertext2 = EncryptMessage(string(message));
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1069	EXPECT_EQ(512 / 8, ciphertext2.size());
				1070
				1071	// OAEP randomizes padding so every result should be different.
				1072	EXPECT_NE(ciphertext1, ciphertext2);
				1073	}
				1074
				1075	TEST_F(EncryptionOperationsTest, RsaOaepRoundTrip) {
				1076	GenerateKey(KM_ALGORITHM_RSA, KM_PAD_RSA_OAEP, 512);
				1077	const char message[] = "Hello World!";
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1078	string ciphertext = EncryptMessage(string(message));
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1079	EXPECT_EQ(512 / 8, ciphertext.size());
				1080
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1081	string plaintext = DecryptMessage(ciphertext);
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1082	EXPECT_EQ(message, plaintext);
				1083	}
				1084
				1085	TEST_F(EncryptionOperationsTest, RsaOaepTooLarge) {
				1086	GenerateKey(KM_ALGORITHM_RSA, KM_PAD_RSA_OAEP, 512);
				1087	const char message[] = "12345678901234567890123";
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1088	string result;
Shawn Willden	b736113	2014-12-08 08:15:14 -0700	[diff] [blame]	1089	size_t input_consumed;
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1090
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	1091	EXPECT_EQ(KM_ERROR_OK, BeginOperation(KM_PURPOSE_ENCRYPT, blob_));
				1092	EXPECT_EQ(KM_ERROR_OK, UpdateOperation(message, array_size(message), &result, &input_consumed));
				1093	EXPECT_EQ(KM_ERROR_INVALID_INPUT_LENGTH, FinishOperation(&result));
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1094	EXPECT_EQ(0, result.size());
				1095	}
				1096
				1097	TEST_F(EncryptionOperationsTest, RsaOaepCorruptedDecrypt) {
				1098	GenerateKey(KM_ALGORITHM_RSA, KM_PAD_RSA_OAEP, 512);
				1099	const char message[] = "Hello World!";
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1100	string ciphertext = EncryptMessage(string(message));
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1101	EXPECT_EQ(512 / 8, ciphertext.size());
				1102
				1103	// Corrupt the ciphertext
				1104	ciphertext[512 / 8 / 2]++;
				1105
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1106	string result;
Shawn Willden	b736113	2014-12-08 08:15:14 -0700	[diff] [blame]	1107	size_t input_consumed;
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	1108	EXPECT_EQ(KM_ERROR_OK, BeginOperation(KM_PURPOSE_DECRYPT, blob_));
				1109	EXPECT_EQ(KM_ERROR_OK,
				1110	UpdateOperation(ciphertext.data(), ciphertext.size(), &result, &input_consumed));
				1111	EXPECT_EQ(KM_ERROR_UNKNOWN_ERROR, FinishOperation(&result));
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1112	EXPECT_EQ(0, result.size());
				1113	}
				1114
				1115	TEST_F(EncryptionOperationsTest, RsaPkcs1Success) {
				1116	GenerateKey(KM_ALGORITHM_RSA, KM_PAD_RSA_PKCS1_1_5_ENCRYPT, 512);
				1117	const char message[] = "Hello World!";
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1118	string ciphertext1 = EncryptMessage(string(message));
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1119	EXPECT_EQ(512 / 8, ciphertext1.size());
				1120
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1121	string ciphertext2 = EncryptMessage(string(message));
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1122	EXPECT_EQ(512 / 8, ciphertext2.size());
				1123
				1124	// PKCS1 v1.5 randomizes padding so every result should be different.
				1125	EXPECT_NE(ciphertext1, ciphertext2);
				1126	}
				1127
				1128	TEST_F(EncryptionOperationsTest, RsaPkcs1RoundTrip) {
				1129	GenerateKey(KM_ALGORITHM_RSA, KM_PAD_RSA_PKCS1_1_5_ENCRYPT, 512);
				1130	const char message[] = "Hello World!";
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1131	string ciphertext = EncryptMessage(string(message));
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1132	EXPECT_EQ(512 / 8, ciphertext.size());
				1133
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1134	string plaintext = DecryptMessage(ciphertext);
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1135	EXPECT_EQ(message, plaintext);
				1136	}
				1137
				1138	TEST_F(EncryptionOperationsTest, RsaPkcs1TooLarge) {
				1139	GenerateKey(KM_ALGORITHM_RSA, KM_PAD_RSA_PKCS1_1_5_ENCRYPT, 512);
				1140	const char message[] = "1234567890123456789012345678901234567890123456789012";
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1141	string result;
Shawn Willden	b736113	2014-12-08 08:15:14 -0700	[diff] [blame]	1142	size_t input_consumed;
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1143
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	1144	EXPECT_EQ(KM_ERROR_OK, BeginOperation(KM_PURPOSE_ENCRYPT, blob_));
				1145	EXPECT_EQ(KM_ERROR_OK, UpdateOperation(message, array_size(message), &result, &input_consumed));
				1146	EXPECT_EQ(KM_ERROR_INVALID_INPUT_LENGTH, FinishOperation(&result));
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1147	EXPECT_EQ(0, result.size());
				1148	}
				1149
				1150	TEST_F(EncryptionOperationsTest, RsaPkcs1CorruptedDecrypt) {
				1151	GenerateKey(KM_ALGORITHM_RSA, KM_PAD_RSA_PKCS1_1_5_ENCRYPT, 512);
				1152	const char message[] = "Hello World!";
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1153	string ciphertext = EncryptMessage(string(message));
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1154	EXPECT_EQ(512 / 8, ciphertext.size());
				1155
				1156	// Corrupt the ciphertext
				1157	ciphertext[512 / 8 / 2]++;
				1158
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1159	string result;
Shawn Willden	b736113	2014-12-08 08:15:14 -0700	[diff] [blame]	1160	size_t input_consumed;
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	1161	EXPECT_EQ(KM_ERROR_OK, BeginOperation(KM_PURPOSE_DECRYPT, blob_));
				1162	EXPECT_EQ(KM_ERROR_OK,
				1163	UpdateOperation(ciphertext.data(), ciphertext.size(), &result, &input_consumed));
				1164	EXPECT_EQ(KM_ERROR_UNKNOWN_ERROR, FinishOperation(&result));
Shawn Willden	4200f21	2014-12-02 07:01:21 -0700	[diff] [blame]	1165	EXPECT_EQ(0, result.size());
				1166	}
				1167
Shawn Willden	907c301	2014-12-08 15:51:55 -0700	[diff] [blame]	1168	TEST_F(EncryptionOperationsTest, AesOcbSuccess) {
				1169	GenerateSymmetricKey(KM_ALGORITHM_AES, 128, KM_MODE_OCB, 4096);
				1170	const char message[] = "Hello World!";
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1171	string ciphertext1 = EncryptMessage(string(message));
Shawn Willden	907c301	2014-12-08 15:51:55 -0700	[diff] [blame]	1172	EXPECT_EQ(12 /* nonce / + strlen(message) + 16 / tag */, ciphertext1.size());
				1173
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1174	string ciphertext2 = EncryptMessage(string(message));
Shawn Willden	907c301	2014-12-08 15:51:55 -0700	[diff] [blame]	1175	EXPECT_EQ(12 /* nonce / + strlen(message) + 16 / tag */, ciphertext2.size());
				1176
				1177	// OCB uses a random nonce, so every output should be different
				1178	EXPECT_NE(ciphertext1, ciphertext2);
				1179	}
				1180
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1181	TEST_F(EncryptionOperationsTest, AesOcbRoundTripSuccess) {
				1182	GenerateSymmetricKey(KM_ALGORITHM_AES, 128, KM_MODE_OCB, 4096);
				1183	string message = "Hello World!";
				1184	string ciphertext = EncryptMessage(message);
				1185	EXPECT_EQ(12 /* nonce / + message.length() + 16 / tag */, ciphertext.size());
				1186
				1187	string plaintext = DecryptMessage(ciphertext);
				1188	EXPECT_EQ(message, plaintext);
				1189	}
				1190
				1191	TEST_F(EncryptionOperationsTest, AesOcbRoundTripCorrupted) {
				1192	GenerateSymmetricKey(KM_ALGORITHM_AES, 128, KM_MODE_OCB, 4096);
				1193	const char message[] = "Hello World!";
				1194	string ciphertext = EncryptMessage(string(message));
				1195	EXPECT_EQ(12 /* nonce / + strlen(message) + 16 / tag */, ciphertext.size());
				1196
				1197	ciphertext[ciphertext.size() / 2]++;
				1198
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	1199	EXPECT_EQ(KM_ERROR_OK, BeginOperation(KM_PURPOSE_DECRYPT, key_blob()));
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1200
				1201	string result;
				1202	size_t input_consumed;
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	1203	EXPECT_EQ(KM_ERROR_OK,
				1204	UpdateOperation(ciphertext.c_str(), ciphertext.length(), &result, &input_consumed));
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1205	EXPECT_EQ(ciphertext.length(), input_consumed);
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	1206	EXPECT_EQ(KM_ERROR_VERIFICATION_FAILED, FinishOperation(&result));
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1207	}
				1208
				1209	TEST_F(EncryptionOperationsTest, AesDecryptGarbage) {
				1210	GenerateSymmetricKey(KM_ALGORITHM_AES, 128, KM_MODE_OCB, 4096);
				1211	string ciphertext(128, 'a');
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	1212	EXPECT_EQ(KM_ERROR_OK, BeginOperation(KM_PURPOSE_DECRYPT, key_blob()));
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1213
				1214	string result;
				1215	size_t input_consumed;
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	1216	EXPECT_EQ(KM_ERROR_OK,
				1217	UpdateOperation(ciphertext.c_str(), ciphertext.length(), &result, &input_consumed));
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1218	EXPECT_EQ(ciphertext.length(), input_consumed);
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	1219	EXPECT_EQ(KM_ERROR_VERIFICATION_FAILED, FinishOperation(&result));
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1220	}
				1221
				1222	TEST_F(EncryptionOperationsTest, AesDecryptTooShort) {
				1223	// Try decrypting garbage ciphertext that is too short to be valid (< nonce + tag).
				1224	GenerateSymmetricKey(KM_ALGORITHM_AES, 128, KM_MODE_OCB, 4096);
				1225	string ciphertext(12 + 15, 'a');
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	1226	EXPECT_EQ(KM_ERROR_OK, BeginOperation(KM_PURPOSE_DECRYPT, key_blob()));
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1227
				1228	string result;
				1229	size_t input_consumed;
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	1230	EXPECT_EQ(KM_ERROR_OK,
				1231	UpdateOperation(ciphertext.c_str(), ciphertext.length(), &result, &input_consumed));
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1232	EXPECT_EQ(ciphertext.length(), input_consumed);
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	1233	EXPECT_EQ(KM_ERROR_INVALID_INPUT_LENGTH, FinishOperation(&result));
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1234	}
				1235
				1236	TEST_F(EncryptionOperationsTest, AesOcbRoundTripEmptySuccess) {
				1237	// Empty messages should work fine.
				1238	GenerateSymmetricKey(KM_ALGORITHM_AES, 128, KM_MODE_OCB, 4096);
				1239	const char message[] = "";
				1240	string ciphertext = EncryptMessage(string(message));
				1241	EXPECT_EQ(12 /* nonce / + strlen(message) + 16 / tag */, ciphertext.size());
				1242
				1243	string plaintext = DecryptMessage(ciphertext);
				1244	EXPECT_EQ(message, plaintext);
				1245	}
				1246
				1247	TEST_F(EncryptionOperationsTest, AesOcbRoundTripEmptyCorrupted) {
				1248	// Should even detect corruption of empty messages.
				1249	GenerateSymmetricKey(KM_ALGORITHM_AES, 128, KM_MODE_OCB, 4096);
				1250	const char message[] = "";
				1251	string ciphertext = EncryptMessage(string(message));
				1252	EXPECT_EQ(12 /* nonce / + strlen(message) + 16 / tag */, ciphertext.size());
				1253
				1254	ciphertext[ciphertext.size() / 2]++;
				1255
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	1256	EXPECT_EQ(KM_ERROR_OK, BeginOperation(KM_PURPOSE_DECRYPT, key_blob()));
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1257
				1258	string result;
				1259	size_t input_consumed;
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	1260	EXPECT_EQ(KM_ERROR_OK,
				1261	UpdateOperation(ciphertext.c_str(), ciphertext.length(), &result, &input_consumed));
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1262	EXPECT_EQ(ciphertext.length(), input_consumed);
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	1263	EXPECT_EQ(KM_ERROR_VERIFICATION_FAILED, FinishOperation(&result));
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1264	}
				1265
				1266	TEST_F(EncryptionOperationsTest, AesOcbFullChunk) {
				1267	GenerateSymmetricKey(KM_ALGORITHM_AES, 128, KM_MODE_OCB, 4096);
				1268	string message(4096, 'a');
				1269	string ciphertext = EncryptMessage(message);
				1270	EXPECT_EQ(12 /* nonce / + message.length() + 16 / tag */, ciphertext.size());
				1271
				1272	string plaintext = DecryptMessage(ciphertext);
				1273	EXPECT_EQ(message, plaintext);
				1274	}
				1275
				1276	TEST_F(EncryptionOperationsTest, AesOcbVariousChunkLengths) {
				1277	for (unsigned chunk_length = 1; chunk_length <= 128; ++chunk_length) {
				1278	GenerateSymmetricKey(KM_ALGORITHM_AES, 128, KM_MODE_OCB, chunk_length);
				1279	string message(128, 'a');
				1280	string ciphertext = EncryptMessage(message);
				1281	int expected_tag_count = (message.length() + chunk_length - 1) / chunk_length;
				1282	EXPECT_EQ(12 /* nonce / + message.length() + 16 expected_tag_count, ciphertext.size())
				1283	<< "Unexpected ciphertext size for chunk length " << chunk_length
				1284	<< " expected tag count was " << expected_tag_count
				1285	<< " but actual tag count was probably "
				1286	<< (ciphertext.size() - message.length() - 12) / 16;
				1287
				1288	string plaintext = DecryptMessage(ciphertext);
				1289	EXPECT_EQ(message, plaintext);
				1290	}
				1291	}
				1292
				1293	TEST_F(EncryptionOperationsTest, AesOcbAbort) {
				1294	GenerateSymmetricKey(KM_ALGORITHM_AES, 128, KM_MODE_OCB, 4096);
				1295	const char message[] = "Hello";
				1296
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	1297	EXPECT_EQ(KM_ERROR_OK, BeginOperation(KM_PURPOSE_ENCRYPT, key_blob()));
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1298
				1299	string result;
				1300	size_t input_consumed;
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	1301	EXPECT_EQ(KM_ERROR_OK, UpdateOperation(message, strlen(message), &result, &input_consumed));
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1302	EXPECT_EQ(strlen(message), input_consumed);
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	1303	EXPECT_EQ(KM_ERROR_OK, device()->abort(device(), op_handle_));
Shawn Willden	6dde87c	2014-12-11 14:08:48 -0700	[diff] [blame]	1304	}
				1305
Shawn Willden	be4a2a3	2014-12-15 14:51:10 -0700	[diff] [blame]	1306	TEST_F(EncryptionOperationsTest, AesOcbNoChunkLength) {
				1307	params_.push_back(Authorization(TAG_PURPOSE, KM_PURPOSE_ENCRYPT));
				1308	params_.push_back(Authorization(TAG_PURPOSE, KM_PURPOSE_DECRYPT));
				1309	params_.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_AES));
				1310	params_.push_back(Authorization(TAG_KEY_SIZE, 128));
				1311	params_.push_back(Authorization(TAG_MAC_LENGTH, 16));
				1312	params_.push_back(Authorization(TAG_BLOCK_MODE, KM_MODE_OCB));
				1313	params_.push_back(Authorization(TAG_PADDING, KM_PAD_NONE));
				1314
				1315	GenerateKey(&params_);
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	1316	EXPECT_EQ(KM_ERROR_INVALID_ARGUMENT, BeginOperation(KM_PURPOSE_ENCRYPT, key_blob()));
Shawn Willden	be4a2a3	2014-12-15 14:51:10 -0700	[diff] [blame]	1317	}
				1318
				1319	TEST_F(EncryptionOperationsTest, AesEcbUnsupported) {
				1320	params_.push_back(Authorization(TAG_PURPOSE, KM_PURPOSE_ENCRYPT));
				1321	params_.push_back(Authorization(TAG_MAC_LENGTH, 16));
				1322	params_.push_back(Authorization(TAG_PURPOSE, KM_PURPOSE_DECRYPT));
				1323	params_.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_AES));
				1324	params_.push_back(Authorization(TAG_KEY_SIZE, 128));
				1325	params_.push_back(Authorization(TAG_BLOCK_MODE, KM_MODE_ECB));
				1326	params_.push_back(Authorization(TAG_PADDING, KM_PAD_NONE));
				1327
				1328	GenerateKey(&params_);
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	1329	EXPECT_EQ(KM_ERROR_UNSUPPORTED_BLOCK_MODE, BeginOperation(KM_PURPOSE_ENCRYPT, key_blob()));
Shawn Willden	be4a2a3	2014-12-15 14:51:10 -0700	[diff] [blame]	1330	}
				1331
				1332	TEST_F(EncryptionOperationsTest, AesOcbPaddingUnsupported) {
				1333	params_.push_back(Authorization(TAG_PURPOSE, KM_PURPOSE_ENCRYPT));
				1334	params_.push_back(Authorization(TAG_PURPOSE, KM_PURPOSE_DECRYPT));
				1335	params_.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_AES));
				1336	params_.push_back(Authorization(TAG_KEY_SIZE, 128));
				1337	params_.push_back(Authorization(TAG_MAC_LENGTH, 16));
				1338	params_.push_back(Authorization(TAG_BLOCK_MODE, KM_MODE_OCB));
				1339	params_.push_back(Authorization(TAG_CHUNK_LENGTH, 4096));
				1340	params_.push_back(Authorization(TAG_PADDING, KM_PAD_ZERO));
				1341
				1342	GenerateKey(&params_);
				1343	uint64_t op_handle;
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	1344	EXPECT_EQ(KM_ERROR_UNSUPPORTED_PADDING_MODE, BeginOperation(KM_PURPOSE_ENCRYPT, key_blob()));
Shawn Willden	be4a2a3	2014-12-15 14:51:10 -0700	[diff] [blame]	1345	}
				1346
				1347	TEST_F(EncryptionOperationsTest, AesOcbInvalidMacLength) {
				1348	params_.push_back(Authorization(TAG_PURPOSE, KM_PURPOSE_ENCRYPT));
				1349	params_.push_back(Authorization(TAG_PURPOSE, KM_PURPOSE_DECRYPT));
				1350	params_.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_AES));
				1351	params_.push_back(Authorization(TAG_KEY_SIZE, 128));
				1352	params_.push_back(Authorization(TAG_MAC_LENGTH, 17));
				1353	params_.push_back(Authorization(TAG_BLOCK_MODE, KM_MODE_OCB));
				1354	params_.push_back(Authorization(TAG_CHUNK_LENGTH, 4096));
				1355
				1356	GenerateKey(&params_);
				1357	uint64_t op_handle;
Shawn Willden	d6cd7e3	2014-12-17 08:01:26 -0700	[diff] [blame]	1358	EXPECT_EQ(KM_ERROR_INVALID_KEY_BLOB, BeginOperation(KM_PURPOSE_ENCRYPT, key_blob()));
Shawn Willden	be4a2a3	2014-12-15 14:51:10 -0700	[diff] [blame]	1359	}
				1360
Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	1361	} // namespace test
				1362	} // namespace keymaster