Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / system / keymaster / 226746bfb5f79857145d5f3ebdfd6f49b6c114ac / . / google_keymaster_test_utils.cpp
blob: 289d6a7cd6524047f7bcc16d14036f1ac91f2aef [file] [log] [blame]
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]1/*
2 * Copyright 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#include "google_keymaster_test_utils.h"
18
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]19#include <algorithm>
20
21#include <openssl/rand.h>
22
23#include <keymaster/google_keymaster_messages.h>
24#include <keymaster/google_keymaster_utils.h>
25
26using std::is_permutation;
27using std::ostream;
28using std::string;
29using std::vector;
30
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]31std::ostream& operator<<(std::ostream& os, const keymaster_key_param_t& param) {
32 os << "Tag: " << keymaster_tag_mask_type(param.tag);
33 switch (keymaster_tag_get_type(param.tag)) {
34 case KM_INVALID:
35 os << " Invalid";
36 break;
37 case KM_INT_REP:
38 os << " (Rep)";
39 /* Falls through */
40 case KM_INT:
41 os << " Int: " << param.integer;
42 break;
43 case KM_ENUM_REP:
44 os << " (Rep)";
45 /* Falls through */
46 case KM_ENUM:
47 os << " Enum: " << param.enumerated;
48 break;
Shawn Willdeneb63b972015-03-14 08:01:12 -0600[diff] [blame]49 case KM_LONG_REP:
50 os << " (Rep)";
51 /* Falls through */
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]52 case KM_LONG:
53 os << " Long: " << param.long_integer;
54 break;
55 case KM_DATE:
56 os << " Date: " << param.date_time;
57 break;
58 case KM_BOOL:
59 os << " Bool: " << param.boolean;
60 break;
61 case KM_BIGNUM:
62 os << " Bignum: ";
63 break;
64 case KM_BYTES:
65 os << " Bytes: ";
66 break;
67 }
68 return os;
69}
70
71bool operator==(const keymaster_key_param_t& a, const keymaster_key_param_t& b) {
72 if (a.tag != b.tag) {
73 return false;
74 }
75
76 switch (keymaster_tag_get_type(a.tag)) {
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]77 case KM_INVALID:
78 return true;
79 case KM_INT_REP:
80 case KM_INT:
81 return a.integer == b.integer;
82 case KM_ENUM_REP:
83 case KM_ENUM:
84 return a.enumerated == b.enumerated;
85 case KM_LONG:
Shawn Willden82114e72015-04-16 15:47:50 -0600[diff] [blame]86 case KM_LONG_REP:
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]87 return a.long_integer == b.long_integer;
88 case KM_DATE:
89 return a.date_time == b.date_time;
90 case KM_BOOL:
91 return a.boolean == b.boolean;
92 case KM_BIGNUM:
93 case KM_BYTES:
94 if ((a.blob.data == NULL || b.blob.data == NULL) && a.blob.data != b.blob.data)
95 return false;
96 return a.blob.data_length == b.blob.data_length &&
97 (memcmp(a.blob.data, b.blob.data, a.blob.data_length) == 0);
98 }
Shawn Willden82114e72015-04-16 15:47:50 -0600[diff] [blame]99
100 return false;
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]101}
102
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]103static char hex_value[256] = {
Thai Duong20d725d2015-03-24 17:49:58 -0700[diff] [blame]104 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
105 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
106 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 0, 0, 0, 0, 0, // '0'..'9'
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]107 0, 10, 11, 12, 13, 14, 15, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 'A'..'F'
Thai Duong20d725d2015-03-24 17:49:58 -0700[diff] [blame]108 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 10, 11, 12, 13, 14, 15, 0,
109 0, 0, 0, 0, 0, 0, 0, 0, // 'a'..'f'
110 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
111 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
112 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
113 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
114 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
115 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]116
117string hex2str(string a) {
118 string b;
Thai Duong20d725d2015-03-24 17:49:58 -0700[diff] [blame]119 size_t num = a.size() / 2;
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]120 b.resize(num);
121 for (size_t i = 0; i < num; i++) {
122 b[i] = (hex_value[a[i * 2] & 0xFF] << 4) + (hex_value[a[i * 2 + 1] & 0xFF]);
123 }
124 return b;
125}
126
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]127namespace keymaster {
128
129bool operator==(const AuthorizationSet& a, const AuthorizationSet& b) {
130 if (a.size() != b.size())
131 return false;
132
133 for (size_t i = 0; i < a.size(); ++i)
134 if (!(a[i] == b[i]))
135 return false;
136 return true;
137}
138
Shawn Willden2c242002015-02-27 07:01:02 -0700[diff] [blame]139bool operator!=(const AuthorizationSet& a, const AuthorizationSet& b) {
140 return !(a == b);
141}
142
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]143std::ostream& operator<<(std::ostream& os, const AuthorizationSet& set) {
144 if (set.size() == 0)
145 os << "(Empty)" << std::endl;
146 for (size_t i = 0; i < set.size(); ++i) {
147 os << set[i] << std::endl;
148 }
149 return os;
150}
151
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]152namespace test {
153
154Keymaster1Test::Keymaster1Test()
155 : device_(NULL), op_handle_(OP_HANDLE_SENTINEL), characteristics_(NULL) {
156 blob_.key_material = NULL;
157 RAND_seed("foobar", 6);
158 blob_.key_material = 0;
159}
160
161Keymaster1Test::~Keymaster1Test() {
162 FreeCharacteristics();
163 FreeKeyBlob();
164 device_->common.close(reinterpret_cast<hw_device_t*>(device_));
165}
166
167keymaster1_device_t* Keymaster1Test::device() {
168 return device_;
169}
170
171keymaster_error_t Keymaster1Test::GenerateKey(const AuthorizationSetBuilder& builder) {
172 AuthorizationSet params(builder.build());
173 params.push_back(UserAuthParams());
174 params.push_back(ClientParams());
175
176 FreeKeyBlob();
177 FreeCharacteristics();
178 return device()->generate_key(device(), params.data(), params.size(), &blob_,
179 &characteristics_);
180}
181
182keymaster_error_t Keymaster1Test::ImportKey(const AuthorizationSetBuilder& builder,
183 keymaster_key_format_t format,
184 const string& key_material) {
185 AuthorizationSet params(builder.build());
186 params.push_back(UserAuthParams());
187 params.push_back(ClientParams());
188
189 FreeKeyBlob();
190 FreeCharacteristics();
191 return device()->import_key(device(), params.data(), params.size(), format,
192 reinterpret_cast<const uint8_t*>(key_material.c_str()),
193 key_material.length(), &blob_, &characteristics_);
194}
195
196AuthorizationSet Keymaster1Test::UserAuthParams() {
197 AuthorizationSet set;
198 set.push_back(TAG_USER_ID, 7);
Shawn Willdeneb63b972015-03-14 08:01:12 -0600[diff] [blame]199 set.push_back(TAG_USER_AUTH_TYPE, HW_AUTH_PASSWORD);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]200 set.push_back(TAG_AUTH_TIMEOUT, 300);
201 return set;
202}
203
204AuthorizationSet Keymaster1Test::ClientParams() {
205 AuthorizationSet set;
206 set.push_back(TAG_APPLICATION_ID, "app_id", 6);
207 return set;
208}
209
210keymaster_error_t Keymaster1Test::BeginOperation(keymaster_purpose_t purpose) {
211 keymaster_key_param_t* out_params = NULL;
212 size_t out_params_count = 0;
213 keymaster_error_t error =
214 device()->begin(device(), purpose, &blob_, client_params_, array_length(client_params_),
215 &out_params, &out_params_count, &op_handle_);
Shawn Willden72a5fdd2015-03-17 20:04:33 -0600[diff] [blame]216 EXPECT_EQ(0U, out_params_count);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]217 EXPECT_TRUE(out_params == NULL);
218 return error;
219}
220
221keymaster_error_t Keymaster1Test::BeginOperation(keymaster_purpose_t purpose,
222 const AuthorizationSet& input_set,
Shawn Willden09f25272015-04-15 13:49:49 -0600[diff] [blame]223 AuthorizationSet* output_set) {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]224 keymaster_key_param_t* out_params;
225 size_t out_params_count;
226 keymaster_error_t error =
Shawn Willden09f25272015-04-15 13:49:49 -0600[diff] [blame]227 device()->begin(device(), purpose, &blob_, input_set.data(), input_set.size(), &out_params,
228 &out_params_count, &op_handle_);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]229 if (error == KM_ERROR_OK) {
230 if (output_set) {
231 output_set->Reinitialize(out_params, out_params_count);
232 } else {
Shawn Willden72a5fdd2015-03-17 20:04:33 -0600[diff] [blame]233 EXPECT_EQ(0U, out_params_count);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]234 EXPECT_TRUE(out_params == NULL);
235 }
236 keymaster_free_param_values(out_params, out_params_count);
237 free(out_params);
238 }
239 return error;
240}
241
242keymaster_error_t Keymaster1Test::UpdateOperation(const string& message, string* output,
243 size_t* input_consumed) {
244 uint8_t* out_tmp = NULL;
245 size_t out_length;
246 EXPECT_NE(op_handle_, OP_HANDLE_SENTINEL);
247 keymaster_error_t error =
248 device()->update(device(), op_handle_, NULL /* params */, 0 /* params_count */,
249 reinterpret_cast<const uint8_t*>(message.c_str()), message.length(),
250 input_consumed, &out_tmp, &out_length);
251 if (error == KM_ERROR_OK && out_tmp)
252 output->append(reinterpret_cast<char*>(out_tmp), out_length);
253 free(out_tmp);
254 return error;
255}
256
257keymaster_error_t Keymaster1Test::UpdateOperation(const AuthorizationSet& additional_params,
258 const string& message, string* output,
259 size_t* input_consumed) {
260 uint8_t* out_tmp = NULL;
261 size_t out_length;
262 EXPECT_NE(op_handle_, OP_HANDLE_SENTINEL);
263 keymaster_error_t error =
264 device()->update(device(), op_handle_, additional_params.data(), additional_params.size(),
265 reinterpret_cast<const uint8_t*>(message.c_str()), message.length(),
266 input_consumed, &out_tmp, &out_length);
267 if (error == KM_ERROR_OK && out_tmp)
268 output->append(reinterpret_cast<char*>(out_tmp), out_length);
269 free(out_tmp);
270 return error;
271}
272
273keymaster_error_t Keymaster1Test::FinishOperation(string* output) {
274 return FinishOperation("", output);
275}
276
277keymaster_error_t Keymaster1Test::FinishOperation(const string& signature, string* output) {
278 AuthorizationSet additional_params;
279 return FinishOperation(additional_params, signature, output);
280}
281
282keymaster_error_t Keymaster1Test::FinishOperation(const AuthorizationSet& additional_params,
283 const string& signature, string* output) {
284 uint8_t* out_tmp = NULL;
285 size_t out_length;
286 keymaster_error_t error =
287 device()->finish(device(), op_handle_, additional_params.data(), additional_params.size(),
288 reinterpret_cast<const uint8_t*>(signature.c_str()), signature.length(),
289 &out_tmp, &out_length);
290 if (out_tmp)
291 output->append(reinterpret_cast<char*>(out_tmp), out_length);
292 free(out_tmp);
293 return error;
294}
295
296keymaster_error_t Keymaster1Test::AbortOperation() {
297 return device()->abort(device(), op_handle_);
298}
299
Shawn Willden226746b2015-05-08 11:36:56 -0600[diff] [blame^]300string Keymaster1Test::ProcessMessage(keymaster_purpose_t purpose, const string& message) {
301 EXPECT_EQ(KM_ERROR_OK, BeginOperation(purpose, client_params(), NULL /* output_params */));
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]302
303 string result;
304 size_t input_consumed;
305 EXPECT_EQ(KM_ERROR_OK, UpdateOperation(message, &result, &input_consumed));
306 EXPECT_EQ(message.size(), input_consumed);
307 EXPECT_EQ(KM_ERROR_OK, FinishOperation(&result));
308 return result;
309}
310
311string Keymaster1Test::ProcessMessage(keymaster_purpose_t purpose, const string& message,
312 const AuthorizationSet& begin_params,
313 const AuthorizationSet& update_params,
314 AuthorizationSet* output_params) {
315 EXPECT_EQ(KM_ERROR_OK, BeginOperation(purpose, begin_params, output_params));
316
317 string result;
318 size_t input_consumed;
319 EXPECT_EQ(KM_ERROR_OK, UpdateOperation(update_params, message, &result, &input_consumed));
320 EXPECT_EQ(message.size(), input_consumed);
321 EXPECT_EQ(KM_ERROR_OK, FinishOperation(update_params, "", &result));
322 return result;
323}
324
325string Keymaster1Test::ProcessMessage(keymaster_purpose_t purpose, const string& message,
Shawn Willden226746b2015-05-08 11:36:56 -0600[diff] [blame^]326 const string& signature, const AuthorizationSet& begin_params,
327 const AuthorizationSet& update_params,
328 AuthorizationSet* output_params) {
329 EXPECT_EQ(KM_ERROR_OK, BeginOperation(purpose, begin_params, output_params));
330
331 string result;
332 size_t input_consumed;
333 EXPECT_EQ(KM_ERROR_OK, UpdateOperation(update_params, message, &result, &input_consumed));
334 EXPECT_EQ(message.size(), input_consumed);
335 EXPECT_EQ(KM_ERROR_OK, FinishOperation(update_params, signature, &result));
336 return result;
337}
338
339string Keymaster1Test::ProcessMessage(keymaster_purpose_t purpose, const string& message,
340 const string& signature) {
341 EXPECT_EQ(KM_ERROR_OK, BeginOperation(purpose, client_params(), NULL /* output_params */));
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]342
343 string result;
344 size_t input_consumed;
345 EXPECT_EQ(KM_ERROR_OK, UpdateOperation(message, &result, &input_consumed));
346 EXPECT_EQ(message.size(), input_consumed);
347 EXPECT_EQ(KM_ERROR_OK, FinishOperation(signature, &result));
348 return result;
349}
350
Shawn Willden226746b2015-05-08 11:36:56 -0600[diff] [blame^]351void Keymaster1Test::SignMessage(const string& message, string* signature,
352 keymaster_digest_t digest) {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]353 SCOPED_TRACE("SignMessage");
Shawn Willden226746b2015-05-08 11:36:56 -0600[diff] [blame^]354 AuthorizationSet input_params(AuthorizationSet(client_params_, array_length(client_params_)));
355 input_params.push_back(TAG_DIGEST, digest);
356 AuthorizationSet update_params;
357 AuthorizationSet output_params;
358 *signature =
359 ProcessMessage(KM_PURPOSE_SIGN, message, input_params, update_params, &output_params);
Shawn Willden72a5fdd2015-03-17 20:04:33 -0600[diff] [blame]360 EXPECT_GT(signature->size(), 0U);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]361}
362
Shawn Willden226746b2015-05-08 11:36:56 -0600[diff] [blame^]363void Keymaster1Test::MacMessage(const string& message, string* signature, keymaster_digest_t digest,
364 size_t mac_length) {
Shawn Willden09f25272015-04-15 13:49:49 -0600[diff] [blame]365 SCOPED_TRACE("SignMessage");
366 AuthorizationSet input_params(AuthorizationSet(client_params_, array_length(client_params_)));
367 input_params.push_back(TAG_MAC_LENGTH, mac_length);
Shawn Willden226746b2015-05-08 11:36:56 -0600[diff] [blame^]368 input_params.push_back(TAG_DIGEST, digest);
Shawn Willden09f25272015-04-15 13:49:49 -0600[diff] [blame]369 AuthorizationSet update_params;
370 AuthorizationSet output_params;
371 *signature =
372 ProcessMessage(KM_PURPOSE_SIGN, message, input_params, update_params, &output_params);
373 EXPECT_GT(signature->size(), 0U);
374}
375
Shawn Willdend7a5c712015-04-09 16:33:52 -0600[diff] [blame]376void Keymaster1Test::VerifyMessage(const string& message, const string& signature,
Shawn Willden226746b2015-05-08 11:36:56 -0600[diff] [blame^]377 keymaster_digest_t digest) {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]378 SCOPED_TRACE("VerifyMessage");
Shawn Willden226746b2015-05-08 11:36:56 -0600[diff] [blame^]379 AuthorizationSet input_params(client_params());
380 input_params.push_back(TAG_DIGEST, digest);
381 AuthorizationSet update_params;
382 AuthorizationSet output_params;
383 ProcessMessage(KM_PURPOSE_VERIFY, message, signature, input_params, update_params,
384 &output_params);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]385}
386
387string Keymaster1Test::EncryptMessage(const string& message, string* generated_nonce) {
388 AuthorizationSet update_params;
389 return EncryptMessage(update_params, message, generated_nonce);
390}
391
392string Keymaster1Test::EncryptMessage(const AuthorizationSet& update_params, const string& message,
393 string* generated_nonce) {
394 SCOPED_TRACE("EncryptMessage");
Shawn Willden09f25272015-04-15 13:49:49 -0600[diff] [blame]395 AuthorizationSet begin_params(client_params()), output_params;
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]396 string ciphertext =
397 ProcessMessage(KM_PURPOSE_ENCRYPT, message, begin_params, update_params, &output_params);
398 if (generated_nonce) {
399 keymaster_blob_t nonce_blob;
400 EXPECT_TRUE(output_params.GetTagValue(TAG_NONCE, &nonce_blob));
401 *generated_nonce = make_string(nonce_blob.data, nonce_blob.data_length);
402 } else {
403 EXPECT_EQ(-1, output_params.find(TAG_NONCE));
404 }
405 return ciphertext;
406}
407
408string Keymaster1Test::EncryptMessageWithParams(const string& message,
409 const AuthorizationSet& begin_params,
410 const AuthorizationSet& update_params,
411 AuthorizationSet* output_params) {
412 SCOPED_TRACE("EncryptMessageWithParams");
413 return ProcessMessage(KM_PURPOSE_ENCRYPT, message, begin_params, update_params, output_params);
414}
415
416string Keymaster1Test::DecryptMessage(const string& ciphertext) {
417 SCOPED_TRACE("DecryptMessage");
418 return ProcessMessage(KM_PURPOSE_DECRYPT, ciphertext);
419}
420
421string Keymaster1Test::DecryptMessage(const string& ciphertext, const string& nonce) {
422 SCOPED_TRACE("DecryptMessage");
423 AuthorizationSet update_params;
424 return DecryptMessage(update_params, ciphertext, nonce);
425}
426
427string Keymaster1Test::DecryptMessage(const AuthorizationSet& update_params,
428 const string& ciphertext, const string& nonce) {
429 SCOPED_TRACE("DecryptMessage");
Shawn Willden09f25272015-04-15 13:49:49 -0600[diff] [blame]430 AuthorizationSet begin_params(client_params());
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]431 begin_params.push_back(TAG_NONCE, nonce.data(), nonce.size());
432 return ProcessMessage(KM_PURPOSE_DECRYPT, ciphertext, begin_params, update_params);
433}
434
435keymaster_error_t Keymaster1Test::GetCharacteristics() {
436 FreeCharacteristics();
437 return device()->get_key_characteristics(device(), &blob_, &client_id_, NULL /* app_data */,
438 &characteristics_);
439}
440
441keymaster_error_t Keymaster1Test::ExportKey(keymaster_key_format_t format, string* export_data) {
442 uint8_t* export_data_tmp;
443 size_t export_data_length;
444
445 keymaster_error_t error =
446 device()->export_key(device(), format, &blob_, &client_id_, NULL /* app_data */,
447 &export_data_tmp, &export_data_length);
448
449 if (error != KM_ERROR_OK)
450 return error;
451
452 *export_data = string(reinterpret_cast<char*>(export_data_tmp), export_data_length);
453 free(export_data_tmp);
454 return error;
455}
456
457keymaster_error_t
458Keymaster1Test::Rescope(const AuthorizationSet& new_params, keymaster_key_blob_t* rescoped_blob,
459 keymaster_key_characteristics_t** rescoped_characteristics) {
460 return device()->rescope(device(), new_params.data(), new_params.size(), &blob_, &client_id_,
461 NULL /* app data */, rescoped_blob, rescoped_characteristics);
462}
463
464void Keymaster1Test::CheckHmacTestVector(string key, string message, keymaster_digest_t digest,
465 string expected_mac) {
Shawn Willden09f25272015-04-15 13:49:49 -0600[diff] [blame]466 ASSERT_EQ(KM_ERROR_OK,
467 ImportKey(AuthorizationSetBuilder().HmacKey(key.size() * 8).Digest(digest),
468 KM_KEY_FORMAT_RAW, key));
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]469 string signature;
Shawn Willden226746b2015-05-08 11:36:56 -0600[diff] [blame^]470 MacMessage(message, &signature, digest, expected_mac.size() * 8);
Shawn Willden72a5fdd2015-03-17 20:04:33 -0600[diff] [blame]471 EXPECT_EQ(expected_mac, signature) << "Test vector didn't match for digest " << (int)digest;
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]472}
473
Thai Duong20d725d2015-03-24 17:49:58 -0700[diff] [blame]474void Keymaster1Test::CheckAesCtrTestVector(const string& key, const string& nonce,
475 const string& message,
476 const string& expected_ciphertext) {
477 ASSERT_EQ(KM_ERROR_OK, ImportKey(AuthorizationSetBuilder()
478 .AesEncryptionKey(key.size() * 8)
479 .Authorization(TAG_BLOCK_MODE, KM_MODE_CTR)
480 .Authorization(TAG_CALLER_NONCE),
481 KM_KEY_FORMAT_RAW, key));
482
Shawn Willden09f25272015-04-15 13:49:49 -0600[diff] [blame]483 AuthorizationSet begin_params(client_params()), update_params, output_params;
Thai Duong20d725d2015-03-24 17:49:58 -0700[diff] [blame]484 begin_params.push_back(TAG_NONCE, nonce.data(), nonce.size());
485 string ciphertext =
486 EncryptMessageWithParams(message, begin_params, update_params, &output_params);
487 EXPECT_EQ(expected_ciphertext, ciphertext);
488}
489
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]490AuthorizationSet Keymaster1Test::hw_enforced() {
491 EXPECT_TRUE(characteristics_ != NULL);
492 return AuthorizationSet(characteristics_->hw_enforced);
493}
494
495AuthorizationSet Keymaster1Test::sw_enforced() {
496 EXPECT_TRUE(characteristics_ != NULL);
497 return AuthorizationSet(characteristics_->sw_enforced);
498}
499
500void Keymaster1Test::FreeCharacteristics() {
501 keymaster_free_characteristics(characteristics_);
502 free(characteristics_);
503 characteristics_ = NULL;
504}
505
506void Keymaster1Test::FreeKeyBlob() {
507 free(const_cast<uint8_t*>(blob_.key_material));
508 blob_.key_material = NULL;
509}
510
511void Keymaster1Test::corrupt_key_blob() {
512 assert(blob_.key_material);
513 uint8_t* tmp = const_cast<uint8_t*>(blob_.key_material);
514 ++tmp[blob_.key_material_size / 2];
515}
516
517} // namespace test
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]518} // namespace keymaster