Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / system / keymaster / 370121346777e13437c275fbe7a975d899cc325c / . / authorization_set_test.cpp
blob: 8ba12f5b270462f4b27c6ab178ee3a8ac2ed5c05 [file] [log] [blame]
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]1/*
2 * Copyright (C) 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#include <gtest/gtest.h>
18
19#include "authorization_set.h"
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]20#include "google_keymaster_test_utils.h"
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]21#include "google_keymaster_utils.h"
22
23int main(int argc, char** argv) {
24 ::testing::InitGoogleTest(&argc, argv);
25 int result = RUN_ALL_TESTS();
26 return result;
27}
28
29namespace keymaster {
Shawn Willden834e8072014-08-09 16:38:53 -0600[diff] [blame]30
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]31namespace test {
32
33TEST(Construction, ListProvided) {
34 keymaster_key_param_t params[] = {
35 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
36 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
37 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
38 Authorization(TAG_USER_ID, 7),
39 Authorization(TAG_USER_AUTH_ID, 8),
40 Authorization(TAG_APPLICATION_ID, "my_app", 6),
41 Authorization(TAG_KEY_SIZE, 256),
42 Authorization(TAG_AUTH_TIMEOUT, 300),
43 };
44 AuthorizationSet set(params, array_length(params));
45 EXPECT_EQ(8U, set.size());
46}
47
Shawn Willden834e8072014-08-09 16:38:53 -0600[diff] [blame]48TEST(Construction, Copy) {
49 keymaster_key_param_t params[] = {
50 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
51 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
52 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
53 Authorization(TAG_USER_ID, 7),
54 Authorization(TAG_USER_AUTH_ID, 8),
55 Authorization(TAG_APPLICATION_ID, "my_app", 6),
56 Authorization(TAG_KEY_SIZE, 256),
57 Authorization(TAG_AUTH_TIMEOUT, 300),
58 };
59 AuthorizationSet set(params, array_length(params));
60 AuthorizationSet set2(set);
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]61 EXPECT_EQ(set, set2);
Shawn Willden834e8072014-08-09 16:38:53 -0600[diff] [blame]62}
63
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]64TEST(Lookup, NonRepeated) {
65 keymaster_key_param_t params[] = {
66 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
67 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
68 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
69 Authorization(TAG_USER_ID, 7),
70 Authorization(TAG_USER_AUTH_ID, 8),
71 Authorization(TAG_APPLICATION_ID, "my_app", 6),
72 Authorization(TAG_KEY_SIZE, 256),
73 Authorization(TAG_AUTH_TIMEOUT, 300),
74 };
75 AuthorizationSet set(params, array_length(params));
76 EXPECT_EQ(8U, set.size());
77
78 int pos = set.find(TAG_ALGORITHM);
79 ASSERT_NE(-1, pos);
80 EXPECT_EQ(KM_TAG_ALGORITHM, set[pos].tag);
81 EXPECT_EQ(KM_ALGORITHM_RSA, set[pos].enumerated);
82
83 pos = set.find(TAG_MAC_LENGTH);
84 EXPECT_EQ(-1, pos);
85
86 uint32_t int_val = 0;
87 EXPECT_TRUE(set.GetTagValue(TAG_USER_ID, &int_val));
88 EXPECT_EQ(7U, int_val);
89
90 keymaster_blob_t blob_val;
91 EXPECT_TRUE(set.GetTagValue(TAG_APPLICATION_ID, &blob_val));
92 EXPECT_EQ(6U, blob_val.data_length);
93 EXPECT_EQ(0, memcmp(blob_val.data, "my_app", 6));
94}
95
96TEST(Lookup, Repeated) {
97 keymaster_key_param_t params[] = {
98 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
99 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
100 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
101 Authorization(TAG_USER_ID, 7),
102 Authorization(TAG_USER_AUTH_ID, 8),
103 Authorization(TAG_APPLICATION_ID, "my_app", 6),
104 Authorization(TAG_KEY_SIZE, 256),
105 Authorization(TAG_AUTH_TIMEOUT, 300),
106 };
107 AuthorizationSet set(params, array_length(params));
108 EXPECT_EQ(8U, set.size());
109
110 int pos = set.find(TAG_PURPOSE);
111 ASSERT_FALSE(pos == -1);
112 EXPECT_EQ(KM_TAG_PURPOSE, set[pos].tag);
113 EXPECT_EQ(KM_PURPOSE_SIGN, set[pos].enumerated);
114
115 pos = set.find(TAG_PURPOSE, pos);
116 EXPECT_EQ(KM_TAG_PURPOSE, set[pos].tag);
117 EXPECT_EQ(KM_PURPOSE_VERIFY, set[pos].enumerated);
118
119 EXPECT_EQ(-1, set.find(TAG_PURPOSE, pos));
120}
121
122TEST(Lookup, Indexed) {
123 keymaster_key_param_t params[] = {
124 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
125 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
126 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
127 Authorization(TAG_USER_ID, 7),
128 Authorization(TAG_USER_AUTH_ID, 8),
129 Authorization(TAG_APPLICATION_ID, "my_app", 6),
130 Authorization(TAG_KEY_SIZE, 256),
131 Authorization(TAG_AUTH_TIMEOUT, 300),
132 };
133 AuthorizationSet set(params, array_length(params));
134 EXPECT_EQ(8U, set.size());
135
136 EXPECT_EQ(KM_TAG_PURPOSE, set[0].tag);
137 EXPECT_EQ(KM_PURPOSE_SIGN, set[0].enumerated);
138
139 // Lookup beyond end doesn't work, just returns zeros, but doens't blow up either (verify by
140 // running under valgrind).
141 EXPECT_EQ(KM_TAG_INVALID, set[10].tag);
142}
143
144TEST(Serialization, RoundTrip) {
145 keymaster_key_param_t params[] = {
146 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
147 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
148 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
149 Authorization(TAG_USER_ID, 7),
150 Authorization(TAG_USER_AUTH_ID, 8),
151 Authorization(TAG_APPLICATION_ID, "my_app", 6),
152 Authorization(TAG_KEY_SIZE, 256),
153 Authorization(TAG_AUTH_TIMEOUT, 300),
Shawn Willden834e8072014-08-09 16:38:53 -0600[diff] [blame]154 Authorization(TAG_ALL_USERS),
155 Authorization(TAG_RSA_PUBLIC_EXPONENT, 3),
156 Authorization(TAG_ACTIVE_DATETIME, 10),
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]157 };
158 AuthorizationSet set(params, array_length(params));
159
160 size_t size = set.SerializedSize();
161 EXPECT_TRUE(size > 0);
162
163 UniquePtr<uint8_t[]> buf(new uint8_t[size]);
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]164 EXPECT_EQ(buf.get() + size, set.Serialize(buf.get(), buf.get() + size));
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]165 AuthorizationSet deserialized(buf.get(), size);
166
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]167 EXPECT_EQ(AuthorizationSet::OK, deserialized.is_valid());
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]168 EXPECT_EQ(set, deserialized);
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]169
170 int pos = deserialized.find(TAG_APPLICATION_ID);
171 ASSERT_NE(-1, pos);
172 EXPECT_EQ(KM_TAG_APPLICATION_ID, deserialized[pos].tag);
173 EXPECT_EQ(6U, deserialized[pos].blob.data_length);
174 EXPECT_EQ(0, memcmp(deserialized[pos].blob.data, "my_app", 6));
175}
176
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]177TEST(Deserialization, Deserialize) {
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]178 keymaster_key_param_t params[] = {
179 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
180 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
181 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
182 Authorization(TAG_USER_ID, 7),
183 Authorization(TAG_USER_AUTH_ID, 8),
184 Authorization(TAG_APPLICATION_ID, "my_app", 6),
185 Authorization(TAG_KEY_SIZE, 256),
186 Authorization(TAG_AUTH_TIMEOUT, 300),
187 };
188 AuthorizationSet set(params, array_length(params));
189
190 size_t size = set.SerializedSize();
191 EXPECT_TRUE(size > 0);
192
193 UniquePtr<uint8_t[]> buf(new uint8_t[size]);
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]194 EXPECT_EQ(buf.get() + size, set.Serialize(buf.get(), buf.get() + size));
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]195 AuthorizationSet deserialized;
196 const uint8_t* p = buf.get();
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]197 EXPECT_TRUE(deserialized.Deserialize(&p, p + size));
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]198 EXPECT_EQ(p, buf.get() + size);
199
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]200 EXPECT_EQ(AuthorizationSet::OK, deserialized.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]201
202 EXPECT_EQ(set.size(), deserialized.size());
203 for (size_t i = 0; i < set.size(); ++i) {
204 EXPECT_EQ(set[i].tag, deserialized[i].tag);
205 }
206
207 int pos = deserialized.find(TAG_APPLICATION_ID);
208 ASSERT_NE(-1, pos);
209 EXPECT_EQ(KM_TAG_APPLICATION_ID, deserialized[pos].tag);
210 EXPECT_EQ(6U, deserialized[pos].blob.data_length);
211 EXPECT_EQ(0, memcmp(deserialized[pos].blob.data, "my_app", 6));
212}
213
214TEST(Deserialization, TooShortBuffer) {
215 uint8_t buf[] = {0, 0, 0};
216 AuthorizationSet deserialized(buf, array_length(buf));
217 EXPECT_EQ(AuthorizationSet::MALFORMED_DATA, deserialized.is_valid());
218
219 const uint8_t* p = buf;
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]220 EXPECT_FALSE(deserialized.Deserialize(&p, p + array_length(buf)));
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]221 EXPECT_EQ(AuthorizationSet::MALFORMED_DATA, deserialized.is_valid());
222}
223
224TEST(Deserialization, InvalidLengthField) {
225 keymaster_key_param_t params[] = {
226 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
227 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
228 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
229 Authorization(TAG_USER_ID, 7),
230 Authorization(TAG_USER_AUTH_ID, 8),
231 Authorization(TAG_APPLICATION_ID, "my_app", 6),
232 Authorization(TAG_KEY_SIZE, 256),
233 Authorization(TAG_AUTH_TIMEOUT, 300),
234 };
235 AuthorizationSet set(params, array_length(params));
236
237 size_t size = set.SerializedSize();
238 EXPECT_TRUE(size > 0);
239
240 UniquePtr<uint8_t[]> buf(new uint8_t[size]);
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]241 EXPECT_EQ(buf.get() + size, set.Serialize(buf.get(), buf.get() + size));
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]242 *reinterpret_cast<uint32_t*>(buf.get()) = 9;
243
244 AuthorizationSet deserialized(buf.get(), size);
245 EXPECT_EQ(AuthorizationSet::MALFORMED_DATA, deserialized.is_valid());
246
247 const uint8_t* p = buf.get();
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]248 EXPECT_FALSE(deserialized.Deserialize(&p, p + size));
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]249 EXPECT_EQ(AuthorizationSet::MALFORMED_DATA, deserialized.is_valid());
250}
251
Shawn Willden8d336ae2014-08-09 15:47:05 -0600[diff] [blame]252static uint32_t read_uint32(const uint8_t* buf) {
253 uint32_t val;
254 memcpy(&val, buf, sizeof(val));
255 return val;
256}
257
258static void add_to_uint32(uint8_t* buf, int delta) {
259 uint32_t val;
260 memcpy(&val, buf, sizeof(val));
261 val += delta;
262 memcpy(buf, &val, sizeof(val));
263}
264
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]265TEST(Deserialization, MalformedIndirectData) {
266 keymaster_key_param_t params[] = {
267 Authorization(TAG_APPLICATION_ID, "my_app", 6),
268 Authorization(TAG_APPLICATION_DATA, "foo", 3),
269 };
270 AuthorizationSet set(params, array_length(params));
271 size_t size = set.SerializedSize();
272
273 UniquePtr<uint8_t[]> buf(new uint8_t[size]);
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]274 EXPECT_EQ(buf.get() + size, set.Serialize(buf.get(), buf.get() + size));
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]275
Shawn Willden8d336ae2014-08-09 15:47:05 -0600[diff] [blame]276 // This sucks. This test, as written, requires intimate knowledge of the serialized layout of
277 // this particular set, which means it's brittle. But it's important to test that we handle
278 // broken serialized data and I can't think of a better way to write this.
279 //
280 // The contents of buf are:
281 //
282 // Bytes: Content:
283 // 0-3 Length of string data, which is 9.
284 // 4-9 "my_app"
285 // 10-12 "foo"
286 // 13-16 Number of elements, which is 2.
287 // 17-20 Length of elements, which is 24.
288 // 21-24 First tag, TAG_APPLICATION_ID
289 // 25-28 Length of string "my_app", 6
290 // 29-32 Offset of string "my_app", 0
291 // 33-36 Second tag, TAG_APPLICATION_DATA
292 // 37-40 Length of string "foo", 3
293 // 41-44 Offset of string "foo", 6
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]294
Shawn Willden8d336ae2014-08-09 15:47:05 -0600[diff] [blame]295 // Check that stuff is where we think.
296 EXPECT_EQ('m', buf[4]);
297 EXPECT_EQ('f', buf[10]);
298 // Length of "my_app"
299 EXPECT_EQ(6U, read_uint32(buf.get() + 25));
300 // Offset of "my_app"
301 EXPECT_EQ(0U, read_uint32(buf.get() + 29));
302 // Length of "foo"
303 EXPECT_EQ(3U, read_uint32(buf.get() + 37));
304 // Offset of "foo"
305 EXPECT_EQ(6U, read_uint32(buf.get() + 41));
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]306
307 // Check that deserialization works.
308 AuthorizationSet deserialized1(buf.get(), size);
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]309 EXPECT_EQ(AuthorizationSet::OK, deserialized1.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]310
311 const uint8_t* p = buf.get();
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]312 EXPECT_TRUE(deserialized1.Deserialize(&p, p + size));
313 EXPECT_EQ(AuthorizationSet::OK, deserialized1.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]314
315 //
316 // Now mess them up in various ways:
317 //
318
Shawn Willden8d336ae2014-08-09 15:47:05 -0600[diff] [blame]319 // Move "foo" offset so offset + length goes off the end
320 add_to_uint32(buf.get() + 41, 1);
321 AuthorizationSet deserialized2(buf.get(), size);
322 EXPECT_EQ(AuthorizationSet::MALFORMED_DATA, deserialized2.is_valid());
323 add_to_uint32(buf.get() + 41, -1);
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]324
Shawn Willden8d336ae2014-08-09 15:47:05 -0600[diff] [blame]325 // Shorten the "my_app" length to make a gap between the blobs.
326 add_to_uint32(buf.get() + 25, -1);
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]327 AuthorizationSet deserialized3(buf.get(), size);
328 EXPECT_EQ(AuthorizationSet::MALFORMED_DATA, deserialized3.is_valid());
Shawn Willden8d336ae2014-08-09 15:47:05 -0600[diff] [blame]329 add_to_uint32(buf.get() + 25, 1);
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]330
Shawn Willden8d336ae2014-08-09 15:47:05 -0600[diff] [blame]331 // Extend the "my_app" length to make them overlap, and decrease the "foo" length to keep the
332 // total length the same. We don't detect this but should.
333 // TODO(swillden): Detect overlaps and holes that leave total size correct.
334 add_to_uint32(buf.get() + 25, 1);
335 add_to_uint32(buf.get() + 37, -1);
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]336 AuthorizationSet deserialized4(buf.get(), size);
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]337 EXPECT_EQ(AuthorizationSet::OK, deserialized4.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]338}
339
340TEST(Growable, SuccessfulRoundTrip) {
341 keymaster_key_param_t elems_buf[20];
342 uint8_t data_buf[200];
343
344 AuthorizationSet growable;
345 EXPECT_TRUE(growable.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA)));
346 EXPECT_EQ(1U, growable.size());
347
348 EXPECT_TRUE(growable.push_back(Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY)));
349 EXPECT_EQ(2U, growable.size());
350
351 EXPECT_TRUE(growable.push_back(Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN)));
352 EXPECT_EQ(3U, growable.size());
353
354 EXPECT_TRUE(growable.push_back(Authorization(TAG_APPLICATION_ID, "data", 4)));
355 EXPECT_EQ(4U, growable.size());
356
Shawn Willden834e8072014-08-09 16:38:53 -0600[diff] [blame]357 EXPECT_TRUE(growable.push_back(Authorization(TAG_APPLICATION_DATA, "some more data", 14)));
358 EXPECT_EQ(5U, growable.size());
359
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]360 size_t serialize_size = growable.SerializedSize();
361 UniquePtr<uint8_t[]> serialized(new uint8_t[serialize_size]);
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]362 EXPECT_EQ(serialized.get() + serialize_size,
363 growable.Serialize(serialized.get(), serialized.get() + serialize_size));
Shawn Willden834e8072014-08-09 16:38:53 -0600[diff] [blame]364
365 AuthorizationSet deserialized(serialized.get(), serialize_size);
366 EXPECT_EQ(growable, deserialized);
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]367}
368
369TEST(Growable, InsufficientElemBuf) {
370 keymaster_key_param_t elems_buf[1];
371 uint8_t data_buf[200];
372
373 AuthorizationSet growable;
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]374 EXPECT_EQ(AuthorizationSet::OK, growable.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]375
376 // First insertion fits.
377 EXPECT_TRUE(growable.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA)));
378 EXPECT_EQ(1U, growable.size());
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]379 EXPECT_EQ(AuthorizationSet::OK, growable.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]380
381 // Second does too.
382 EXPECT_TRUE(growable.push_back(Authorization(TAG_RSA_PUBLIC_EXPONENT, 3)));
383 EXPECT_EQ(2U, growable.size());
384}
385
386TEST(Growable, InsufficientIndirectBuf) {
387 keymaster_key_param_t elems_buf[3];
388 uint8_t data_buf[10];
389
390 AuthorizationSet growable;
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]391 EXPECT_EQ(AuthorizationSet::OK, growable.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]392
393 EXPECT_TRUE(growable.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA)));
394 EXPECT_EQ(1U, growable.size());
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]395 EXPECT_EQ(AuthorizationSet::OK, growable.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]396
397 EXPECT_TRUE(growable.push_back(Authorization(TAG_APPLICATION_ID, "1234567890", 10)));
398 EXPECT_EQ(2U, growable.size());
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]399 EXPECT_EQ(AuthorizationSet::OK, growable.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]400
401 EXPECT_TRUE(growable.push_back(Authorization(TAG_APPLICATION_DATA, "1", 1)));
402 EXPECT_EQ(3U, growable.size());
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]403 EXPECT_EQ(AuthorizationSet::OK, growable.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]404
405 // Can still add another entry without indirect data. Now it's full.
406 EXPECT_TRUE(growable.push_back(Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN)));
407 EXPECT_EQ(4U, growable.size());
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]408 EXPECT_EQ(AuthorizationSet::OK, growable.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]409}
410
Shawn Willden37012132014-08-19 08:15:57 -0600[diff] [blame^]411TEST(Growable, PushBackSets) {
412 keymaster_key_param_t params[] = {
413 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
414 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
415 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
416 Authorization(TAG_USER_ID, 7),
417 Authorization(TAG_USER_AUTH_ID, 8),
418 Authorization(TAG_APPLICATION_ID, "my_app", 6),
419 Authorization(TAG_KEY_SIZE, 256),
420 Authorization(TAG_AUTH_TIMEOUT, 300),
421 };
422 AuthorizationSet set1(params, array_length(params));
423 AuthorizationSet set2(params, array_length(params));
424
425 AuthorizationSet combined;
426 EXPECT_TRUE(combined.push_back(set1));
427 EXPECT_TRUE(combined.push_back(set2));
428 EXPECT_EQ(array_length(params) * 2, combined.size());
429 EXPECT_EQ(12U, combined.indirect_size());
430}
431
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]432TEST(GetValue, GetInt) {
433 keymaster_key_param_t params[] = {
434 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
435 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
436 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
437 Authorization(TAG_USER_ID, 7),
438 Authorization(TAG_USER_AUTH_ID, 8),
439 Authorization(TAG_APPLICATION_ID, "my_app", 6),
440 Authorization(TAG_AUTH_TIMEOUT, 300),
441 };
442 AuthorizationSet set(params, array_length(params));
443
444 uint32_t val;
445 EXPECT_TRUE(set.GetTagValue(TAG_USER_ID, &val));
446 EXPECT_EQ(7U, val);
447
448 // Find one that isn't there
449 EXPECT_FALSE(set.GetTagValue(TAG_KEY_SIZE, &val));
450}
451
452TEST(GetValue, GetIntRep) {
453 keymaster_key_param_t params[] = {
454 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
455 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
456 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
457 Authorization(TAG_USER_ID, 7),
458 Authorization(TAG_USER_AUTH_ID, 8),
459 Authorization(TAG_APPLICATION_ID, "my_app", 6),
460 Authorization(TAG_AUTH_TIMEOUT, 300),
461 };
462 AuthorizationSet set(params, array_length(params));
463
464 uint32_t val;
465 EXPECT_TRUE(set.GetTagValue(TAG_USER_AUTH_ID, 0, &val));
466 EXPECT_EQ(8U, val);
467
468 // Find one that isn't there
469 EXPECT_FALSE(set.GetTagValue(TAG_USER_AUTH_ID, 1, &val));
470}
471
472TEST(GetValue, GetLong) {
473 keymaster_key_param_t params1[] = {
474 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
475 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
476 keymaster_param_long(TAG_RSA_PUBLIC_EXPONENT, 3),
477 };
478 AuthorizationSet set1(params1, array_length(params1));
479
480 keymaster_key_param_t params2[] = {
481 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
482 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
483 };
484 AuthorizationSet set2(params2, array_length(params2));
485
486 uint64_t val;
487 EXPECT_TRUE(set1.GetTagValue(TAG_RSA_PUBLIC_EXPONENT, &val));
488 EXPECT_EQ(3U, val);
489
490 // Find one that isn't there
491 EXPECT_FALSE(set2.GetTagValue(TAG_RSA_PUBLIC_EXPONENT, &val));
492}
493
494TEST(GetValue, GetEnum) {
495 keymaster_key_param_t params[] = {
496 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
497 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
498 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
499 Authorization(TAG_USER_ID, 7),
500 Authorization(TAG_USER_AUTH_ID, 8),
501 Authorization(TAG_APPLICATION_ID, "my_app", 6),
502 Authorization(TAG_AUTH_TIMEOUT, 300),
503 };
504 AuthorizationSet set(params, array_length(params));
505
506 keymaster_algorithm_t val;
507 EXPECT_TRUE(set.GetTagValue(TAG_ALGORITHM, &val));
508 EXPECT_EQ(KM_ALGORITHM_RSA, val);
509
510 // Find one that isn't there
511 keymaster_padding_t val2;
512 EXPECT_FALSE(set.GetTagValue(TAG_PADDING, &val2));
513}
514
515TEST(GetValue, GetEnumRep) {
516 keymaster_key_param_t params[] = {
517 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
518 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
519 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
520 Authorization(TAG_USER_ID, 7),
521 Authorization(TAG_USER_AUTH_ID, 8),
522 Authorization(TAG_APPLICATION_ID, "my_app", 6),
523 Authorization(TAG_AUTH_TIMEOUT, 300),
524 };
525 AuthorizationSet set(params, array_length(params));
526
527 keymaster_purpose_t val;
528 EXPECT_TRUE(set.GetTagValue(TAG_PURPOSE, 0, &val));
529 EXPECT_EQ(KM_PURPOSE_SIGN, val);
530 EXPECT_TRUE(set.GetTagValue(TAG_PURPOSE, 1, &val));
531 EXPECT_EQ(KM_PURPOSE_VERIFY, val);
532
533 // Find one that isn't there
534 EXPECT_FALSE(set.GetTagValue(TAG_PURPOSE, 2, &val));
535}
536
537TEST(GetValue, GetDate) {
538 keymaster_key_param_t params[] = {
539 Authorization(TAG_ACTIVE_DATETIME, 10),
540 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
541 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
542 Authorization(TAG_USER_ID, 7),
543 Authorization(TAG_USER_AUTH_ID, 8),
544 Authorization(TAG_APPLICATION_ID, "my_app", 6),
545 Authorization(TAG_AUTH_TIMEOUT, 300),
546 };
547 AuthorizationSet set(params, array_length(params));
548
549 uint64_t val;
550 EXPECT_TRUE(set.GetTagValue(TAG_ACTIVE_DATETIME, &val));
551 EXPECT_EQ(10U, val);
552
553 // Find one that isn't there
554 EXPECT_FALSE(set.GetTagValue(TAG_USAGE_EXPIRE_DATETIME, &val));
555}
556
557TEST(GetValue, GetBlob) {
558 keymaster_key_param_t params[] = {
559 Authorization(TAG_ACTIVE_DATETIME, 10),
560 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
561 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
562 Authorization(TAG_USER_ID, 7),
563 Authorization(TAG_USER_AUTH_ID, 8),
564 Authorization(TAG_APPLICATION_ID, "my_app", 6),
565 Authorization(TAG_AUTH_TIMEOUT, 300),
566 };
567 AuthorizationSet set(params, array_length(params));
568
569 keymaster_blob_t val;
570 EXPECT_TRUE(set.GetTagValue(TAG_APPLICATION_ID, &val));
571 EXPECT_EQ(6U, val.data_length);
572 EXPECT_EQ(0, memcmp(val.data, "my_app", 6));
573
574 // Find one that isn't there
575 EXPECT_FALSE(set.GetTagValue(TAG_APPLICATION_DATA, &val));
576}
577
578} // namespace test
579} // namespace keymaster