Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / system / keymaster / 3ad5f05e1ae2ca4beb1d0b2104c742de869841bc / . / google_keymaster_test_utils.cpp
blob: 5a3d4ae83725d5533dfbe8f26a64386d6fd5f3ca [file] [log] [blame]
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]1/*
2 * Copyright 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#include "google_keymaster_test_utils.h"
18
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]19#include <algorithm>
20
21#include <openssl/rand.h>
22
23#include <keymaster/google_keymaster_messages.h>
24#include <keymaster/google_keymaster_utils.h>
25
26using std::is_permutation;
27using std::ostream;
28using std::string;
29using std::vector;
30
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]31std::ostream& operator<<(std::ostream& os, const keymaster_key_param_t& param) {
32 os << "Tag: " << keymaster_tag_mask_type(param.tag);
33 switch (keymaster_tag_get_type(param.tag)) {
34 case KM_INVALID:
35 os << " Invalid";
36 break;
37 case KM_INT_REP:
38 os << " (Rep)";
39 /* Falls through */
40 case KM_INT:
41 os << " Int: " << param.integer;
42 break;
43 case KM_ENUM_REP:
44 os << " (Rep)";
45 /* Falls through */
46 case KM_ENUM:
47 os << " Enum: " << param.enumerated;
48 break;
Shawn Willdeneb63b972015-03-14 08:01:12 -0600[diff] [blame]49 case KM_LONG_REP:
50 os << " (Rep)";
51 /* Falls through */
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]52 case KM_LONG:
53 os << " Long: " << param.long_integer;
54 break;
55 case KM_DATE:
56 os << " Date: " << param.date_time;
57 break;
58 case KM_BOOL:
59 os << " Bool: " << param.boolean;
60 break;
61 case KM_BIGNUM:
62 os << " Bignum: ";
63 break;
64 case KM_BYTES:
65 os << " Bytes: ";
66 break;
67 }
68 return os;
69}
70
71bool operator==(const keymaster_key_param_t& a, const keymaster_key_param_t& b) {
72 if (a.tag != b.tag) {
73 return false;
74 }
75
76 switch (keymaster_tag_get_type(a.tag)) {
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]77 case KM_INVALID:
78 return true;
79 case KM_INT_REP:
80 case KM_INT:
81 return a.integer == b.integer;
82 case KM_ENUM_REP:
83 case KM_ENUM:
84 return a.enumerated == b.enumerated;
85 case KM_LONG:
Shawn Willden82114e72015-04-16 15:47:50 -0600[diff] [blame]86 case KM_LONG_REP:
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]87 return a.long_integer == b.long_integer;
88 case KM_DATE:
89 return a.date_time == b.date_time;
90 case KM_BOOL:
91 return a.boolean == b.boolean;
92 case KM_BIGNUM:
93 case KM_BYTES:
94 if ((a.blob.data == NULL || b.blob.data == NULL) && a.blob.data != b.blob.data)
95 return false;
96 return a.blob.data_length == b.blob.data_length &&
97 (memcmp(a.blob.data, b.blob.data, a.blob.data_length) == 0);
98 }
Shawn Willden82114e72015-04-16 15:47:50 -0600[diff] [blame]99
100 return false;
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]101}
102
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]103static char hex_value[256] = {
Thai Duong20d725d2015-03-24 17:49:58 -0700[diff] [blame]104 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
105 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
106 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 0, 0, 0, 0, 0, // '0'..'9'
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]107 0, 10, 11, 12, 13, 14, 15, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 'A'..'F'
Thai Duong20d725d2015-03-24 17:49:58 -0700[diff] [blame]108 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 10, 11, 12, 13, 14, 15, 0,
109 0, 0, 0, 0, 0, 0, 0, 0, // 'a'..'f'
110 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
111 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
112 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
113 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
114 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
115 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]116
117string hex2str(string a) {
118 string b;
Thai Duong20d725d2015-03-24 17:49:58 -0700[diff] [blame]119 size_t num = a.size() / 2;
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]120 b.resize(num);
121 for (size_t i = 0; i < num; i++) {
122 b[i] = (hex_value[a[i * 2] & 0xFF] << 4) + (hex_value[a[i * 2 + 1] & 0xFF]);
123 }
124 return b;
125}
126
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]127namespace keymaster {
128
129bool operator==(const AuthorizationSet& a, const AuthorizationSet& b) {
130 if (a.size() != b.size())
131 return false;
132
133 for (size_t i = 0; i < a.size(); ++i)
134 if (!(a[i] == b[i]))
135 return false;
136 return true;
137}
138
Shawn Willden2c242002015-02-27 07:01:02 -0700[diff] [blame]139bool operator!=(const AuthorizationSet& a, const AuthorizationSet& b) {
140 return !(a == b);
141}
142
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]143std::ostream& operator<<(std::ostream& os, const AuthorizationSet& set) {
144 if (set.size() == 0)
145 os << "(Empty)" << std::endl;
146 for (size_t i = 0; i < set.size(); ++i) {
147 os << set[i] << std::endl;
148 }
149 return os;
150}
151
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]152namespace test {
153
154Keymaster1Test::Keymaster1Test()
155 : device_(NULL), op_handle_(OP_HANDLE_SENTINEL), characteristics_(NULL) {
156 blob_.key_material = NULL;
157 RAND_seed("foobar", 6);
158 blob_.key_material = 0;
159}
160
161Keymaster1Test::~Keymaster1Test() {
162 FreeCharacteristics();
163 FreeKeyBlob();
164 device_->common.close(reinterpret_cast<hw_device_t*>(device_));
165}
166
167keymaster1_device_t* Keymaster1Test::device() {
168 return device_;
169}
170
171keymaster_error_t Keymaster1Test::GenerateKey(const AuthorizationSetBuilder& builder) {
172 AuthorizationSet params(builder.build());
173 params.push_back(UserAuthParams());
174 params.push_back(ClientParams());
175
176 FreeKeyBlob();
177 FreeCharacteristics();
178 return device()->generate_key(device(), params.data(), params.size(), &blob_,
179 &characteristics_);
180}
181
182keymaster_error_t Keymaster1Test::ImportKey(const AuthorizationSetBuilder& builder,
183 keymaster_key_format_t format,
184 const string& key_material) {
185 AuthorizationSet params(builder.build());
186 params.push_back(UserAuthParams());
187 params.push_back(ClientParams());
188
189 FreeKeyBlob();
190 FreeCharacteristics();
191 return device()->import_key(device(), params.data(), params.size(), format,
192 reinterpret_cast<const uint8_t*>(key_material.c_str()),
193 key_material.length(), &blob_, &characteristics_);
194}
195
196AuthorizationSet Keymaster1Test::UserAuthParams() {
197 AuthorizationSet set;
198 set.push_back(TAG_USER_ID, 7);
Shawn Willdeneb63b972015-03-14 08:01:12 -0600[diff] [blame]199 set.push_back(TAG_USER_AUTH_TYPE, HW_AUTH_PASSWORD);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]200 set.push_back(TAG_AUTH_TIMEOUT, 300);
201 return set;
202}
203
204AuthorizationSet Keymaster1Test::ClientParams() {
205 AuthorizationSet set;
206 set.push_back(TAG_APPLICATION_ID, "app_id", 6);
207 return set;
208}
209
210keymaster_error_t Keymaster1Test::BeginOperation(keymaster_purpose_t purpose) {
211 keymaster_key_param_t* out_params = NULL;
212 size_t out_params_count = 0;
213 keymaster_error_t error =
214 device()->begin(device(), purpose, &blob_, client_params_, array_length(client_params_),
215 &out_params, &out_params_count, &op_handle_);
Shawn Willden72a5fdd2015-03-17 20:04:33 -0600[diff] [blame]216 EXPECT_EQ(0U, out_params_count);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]217 EXPECT_TRUE(out_params == NULL);
218 return error;
219}
220
221keymaster_error_t Keymaster1Test::BeginOperation(keymaster_purpose_t purpose,
222 const AuthorizationSet& input_set,
Shawn Willden09f25272015-04-15 13:49:49 -0600[diff] [blame]223 AuthorizationSet* output_set) {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]224 keymaster_key_param_t* out_params;
225 size_t out_params_count;
226 keymaster_error_t error =
Shawn Willden09f25272015-04-15 13:49:49 -0600[diff] [blame]227 device()->begin(device(), purpose, &blob_, input_set.data(), input_set.size(), &out_params,
228 &out_params_count, &op_handle_);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]229 if (error == KM_ERROR_OK) {
230 if (output_set) {
231 output_set->Reinitialize(out_params, out_params_count);
232 } else {
Shawn Willden72a5fdd2015-03-17 20:04:33 -0600[diff] [blame]233 EXPECT_EQ(0U, out_params_count);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]234 EXPECT_TRUE(out_params == NULL);
235 }
236 keymaster_free_param_values(out_params, out_params_count);
237 free(out_params);
238 }
239 return error;
240}
241
242keymaster_error_t Keymaster1Test::UpdateOperation(const string& message, string* output,
243 size_t* input_consumed) {
244 uint8_t* out_tmp = NULL;
245 size_t out_length;
246 EXPECT_NE(op_handle_, OP_HANDLE_SENTINEL);
247 keymaster_error_t error =
248 device()->update(device(), op_handle_, NULL /* params */, 0 /* params_count */,
249 reinterpret_cast<const uint8_t*>(message.c_str()), message.length(),
250 input_consumed, &out_tmp, &out_length);
251 if (error == KM_ERROR_OK && out_tmp)
252 output->append(reinterpret_cast<char*>(out_tmp), out_length);
253 free(out_tmp);
254 return error;
255}
256
257keymaster_error_t Keymaster1Test::UpdateOperation(const AuthorizationSet& additional_params,
258 const string& message, string* output,
259 size_t* input_consumed) {
260 uint8_t* out_tmp = NULL;
261 size_t out_length;
262 EXPECT_NE(op_handle_, OP_HANDLE_SENTINEL);
263 keymaster_error_t error =
264 device()->update(device(), op_handle_, additional_params.data(), additional_params.size(),
265 reinterpret_cast<const uint8_t*>(message.c_str()), message.length(),
266 input_consumed, &out_tmp, &out_length);
267 if (error == KM_ERROR_OK && out_tmp)
268 output->append(reinterpret_cast<char*>(out_tmp), out_length);
269 free(out_tmp);
270 return error;
271}
272
273keymaster_error_t Keymaster1Test::FinishOperation(string* output) {
274 return FinishOperation("", output);
275}
276
277keymaster_error_t Keymaster1Test::FinishOperation(const string& signature, string* output) {
278 AuthorizationSet additional_params;
279 return FinishOperation(additional_params, signature, output);
280}
281
282keymaster_error_t Keymaster1Test::FinishOperation(const AuthorizationSet& additional_params,
283 const string& signature, string* output) {
284 uint8_t* out_tmp = NULL;
285 size_t out_length;
286 keymaster_error_t error =
287 device()->finish(device(), op_handle_, additional_params.data(), additional_params.size(),
288 reinterpret_cast<const uint8_t*>(signature.c_str()), signature.length(),
289 &out_tmp, &out_length);
290 if (out_tmp)
291 output->append(reinterpret_cast<char*>(out_tmp), out_length);
292 free(out_tmp);
293 return error;
294}
295
296keymaster_error_t Keymaster1Test::AbortOperation() {
297 return device()->abort(device(), op_handle_);
298}
299
Shawn Willden226746b2015-05-08 11:36:56 -0600[diff] [blame]300string Keymaster1Test::ProcessMessage(keymaster_purpose_t purpose, const string& message) {
301 EXPECT_EQ(KM_ERROR_OK, BeginOperation(purpose, client_params(), NULL /* output_params */));
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]302
303 string result;
304 size_t input_consumed;
305 EXPECT_EQ(KM_ERROR_OK, UpdateOperation(message, &result, &input_consumed));
306 EXPECT_EQ(message.size(), input_consumed);
307 EXPECT_EQ(KM_ERROR_OK, FinishOperation(&result));
308 return result;
309}
310
311string Keymaster1Test::ProcessMessage(keymaster_purpose_t purpose, const string& message,
312 const AuthorizationSet& begin_params,
313 const AuthorizationSet& update_params,
314 AuthorizationSet* output_params) {
315 EXPECT_EQ(KM_ERROR_OK, BeginOperation(purpose, begin_params, output_params));
316
317 string result;
318 size_t input_consumed;
319 EXPECT_EQ(KM_ERROR_OK, UpdateOperation(update_params, message, &result, &input_consumed));
320 EXPECT_EQ(message.size(), input_consumed);
321 EXPECT_EQ(KM_ERROR_OK, FinishOperation(update_params, "", &result));
322 return result;
323}
324
325string Keymaster1Test::ProcessMessage(keymaster_purpose_t purpose, const string& message,
Shawn Willden226746b2015-05-08 11:36:56 -0600[diff] [blame]326 const string& signature, const AuthorizationSet& begin_params,
327 const AuthorizationSet& update_params,
328 AuthorizationSet* output_params) {
329 EXPECT_EQ(KM_ERROR_OK, BeginOperation(purpose, begin_params, output_params));
330
331 string result;
332 size_t input_consumed;
333 EXPECT_EQ(KM_ERROR_OK, UpdateOperation(update_params, message, &result, &input_consumed));
334 EXPECT_EQ(message.size(), input_consumed);
335 EXPECT_EQ(KM_ERROR_OK, FinishOperation(update_params, signature, &result));
336 return result;
337}
338
339string Keymaster1Test::ProcessMessage(keymaster_purpose_t purpose, const string& message,
340 const string& signature) {
341 EXPECT_EQ(KM_ERROR_OK, BeginOperation(purpose, client_params(), NULL /* output_params */));
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]342
343 string result;
344 size_t input_consumed;
345 EXPECT_EQ(KM_ERROR_OK, UpdateOperation(message, &result, &input_consumed));
346 EXPECT_EQ(message.size(), input_consumed);
347 EXPECT_EQ(KM_ERROR_OK, FinishOperation(signature, &result));
348 return result;
349}
350
Shawn Willden226746b2015-05-08 11:36:56 -0600[diff] [blame]351void Keymaster1Test::SignMessage(const string& message, string* signature,
352 keymaster_digest_t digest) {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]353 SCOPED_TRACE("SignMessage");
Shawn Willden226746b2015-05-08 11:36:56 -0600[diff] [blame]354 AuthorizationSet input_params(AuthorizationSet(client_params_, array_length(client_params_)));
355 input_params.push_back(TAG_DIGEST, digest);
356 AuthorizationSet update_params;
357 AuthorizationSet output_params;
358 *signature =
359 ProcessMessage(KM_PURPOSE_SIGN, message, input_params, update_params, &output_params);
Shawn Willden72a5fdd2015-03-17 20:04:33 -0600[diff] [blame]360 EXPECT_GT(signature->size(), 0U);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]361}
362
Shawn Willden3ad5f052015-05-08 14:05:13 -0600[diff] [blame^]363void Keymaster1Test::SignMessage(const string& message, string* signature,
364 keymaster_digest_t digest, keymaster_padding_t padding) {
365 SCOPED_TRACE("SignMessage");
366 AuthorizationSet input_params(AuthorizationSet(client_params_, array_length(client_params_)));
367 input_params.push_back(TAG_DIGEST, digest);
368 input_params.push_back(TAG_PADDING, padding);
369 AuthorizationSet update_params;
370 AuthorizationSet output_params;
371 *signature =
372 ProcessMessage(KM_PURPOSE_SIGN, message, input_params, update_params, &output_params);
373 EXPECT_GT(signature->size(), 0U);
374}
375
Shawn Willden226746b2015-05-08 11:36:56 -0600[diff] [blame]376void Keymaster1Test::MacMessage(const string& message, string* signature, keymaster_digest_t digest,
377 size_t mac_length) {
Shawn Willden09f25272015-04-15 13:49:49 -0600[diff] [blame]378 SCOPED_TRACE("SignMessage");
379 AuthorizationSet input_params(AuthorizationSet(client_params_, array_length(client_params_)));
380 input_params.push_back(TAG_MAC_LENGTH, mac_length);
Shawn Willden226746b2015-05-08 11:36:56 -0600[diff] [blame]381 input_params.push_back(TAG_DIGEST, digest);
Shawn Willden09f25272015-04-15 13:49:49 -0600[diff] [blame]382 AuthorizationSet update_params;
383 AuthorizationSet output_params;
384 *signature =
385 ProcessMessage(KM_PURPOSE_SIGN, message, input_params, update_params, &output_params);
386 EXPECT_GT(signature->size(), 0U);
387}
388
Shawn Willdend7a5c712015-04-09 16:33:52 -0600[diff] [blame]389void Keymaster1Test::VerifyMessage(const string& message, const string& signature,
Shawn Willden226746b2015-05-08 11:36:56 -0600[diff] [blame]390 keymaster_digest_t digest) {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]391 SCOPED_TRACE("VerifyMessage");
Shawn Willden226746b2015-05-08 11:36:56 -0600[diff] [blame]392 AuthorizationSet input_params(client_params());
393 input_params.push_back(TAG_DIGEST, digest);
394 AuthorizationSet update_params;
395 AuthorizationSet output_params;
396 ProcessMessage(KM_PURPOSE_VERIFY, message, signature, input_params, update_params,
397 &output_params);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]398}
399
Shawn Willden3ad5f052015-05-08 14:05:13 -0600[diff] [blame^]400void Keymaster1Test::VerifyMessage(const string& message, const string& signature,
401 keymaster_digest_t digest, keymaster_padding_t padding) {
402 SCOPED_TRACE("VerifyMessage");
403 AuthorizationSet input_params(client_params());
404 input_params.push_back(TAG_DIGEST, digest);
405 input_params.push_back(TAG_PADDING, padding);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]406 AuthorizationSet update_params;
Shawn Willden3ad5f052015-05-08 14:05:13 -0600[diff] [blame^]407 AuthorizationSet output_params;
408 ProcessMessage(KM_PURPOSE_VERIFY, message, signature, input_params, update_params,
409 &output_params);
410}
411
412string Keymaster1Test::EncryptMessage(const string& message, keymaster_padding_t padding,
413 string* generated_nonce) {
414 AuthorizationSet update_params;
415 return EncryptMessage(update_params, message, padding, generated_nonce);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]416}
417
418string Keymaster1Test::EncryptMessage(const AuthorizationSet& update_params, const string& message,
Shawn Willden3ad5f052015-05-08 14:05:13 -0600[diff] [blame^]419 keymaster_padding_t padding, string* generated_nonce) {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]420 SCOPED_TRACE("EncryptMessage");
Shawn Willden09f25272015-04-15 13:49:49 -0600[diff] [blame]421 AuthorizationSet begin_params(client_params()), output_params;
Shawn Willden3ad5f052015-05-08 14:05:13 -0600[diff] [blame^]422 begin_params.push_back(TAG_PADDING, padding);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]423 string ciphertext =
424 ProcessMessage(KM_PURPOSE_ENCRYPT, message, begin_params, update_params, &output_params);
425 if (generated_nonce) {
426 keymaster_blob_t nonce_blob;
427 EXPECT_TRUE(output_params.GetTagValue(TAG_NONCE, &nonce_blob));
428 *generated_nonce = make_string(nonce_blob.data, nonce_blob.data_length);
429 } else {
430 EXPECT_EQ(-1, output_params.find(TAG_NONCE));
431 }
432 return ciphertext;
433}
434
435string Keymaster1Test::EncryptMessageWithParams(const string& message,
436 const AuthorizationSet& begin_params,
437 const AuthorizationSet& update_params,
438 AuthorizationSet* output_params) {
439 SCOPED_TRACE("EncryptMessageWithParams");
440 return ProcessMessage(KM_PURPOSE_ENCRYPT, message, begin_params, update_params, output_params);
441}
442
Shawn Willden3ad5f052015-05-08 14:05:13 -0600[diff] [blame^]443string Keymaster1Test::DecryptMessage(const string& ciphertext, keymaster_padding_t padding) {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]444 SCOPED_TRACE("DecryptMessage");
Shawn Willden3ad5f052015-05-08 14:05:13 -0600[diff] [blame^]445 AuthorizationSet begin_params(client_params());
446 begin_params.push_back(TAG_PADDING, padding);
447 AuthorizationSet update_params;
448 return ProcessMessage(KM_PURPOSE_DECRYPT, ciphertext, begin_params, update_params);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]449}
450
Shawn Willden3ad5f052015-05-08 14:05:13 -0600[diff] [blame^]451string Keymaster1Test::DecryptMessage(const string& ciphertext, keymaster_padding_t padding,
452 const string& nonce) {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]453 SCOPED_TRACE("DecryptMessage");
Shawn Willden3ad5f052015-05-08 14:05:13 -0600[diff] [blame^]454 AuthorizationSet begin_params(client_params());
455 begin_params.push_back(TAG_PADDING, padding);
456 begin_params.push_back(TAG_NONCE, nonce.data(), nonce.size());
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]457 AuthorizationSet update_params;
Shawn Willden3ad5f052015-05-08 14:05:13 -0600[diff] [blame^]458 return ProcessMessage(KM_PURPOSE_DECRYPT, ciphertext, begin_params, update_params);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]459}
460
461string Keymaster1Test::DecryptMessage(const AuthorizationSet& update_params,
Shawn Willden3ad5f052015-05-08 14:05:13 -0600[diff] [blame^]462 const string& ciphertext, keymaster_padding_t padding,
463 const string& nonce) {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]464 SCOPED_TRACE("DecryptMessage");
Shawn Willden09f25272015-04-15 13:49:49 -0600[diff] [blame]465 AuthorizationSet begin_params(client_params());
Shawn Willden3ad5f052015-05-08 14:05:13 -0600[diff] [blame^]466 begin_params.push_back(TAG_PADDING, padding);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]467 begin_params.push_back(TAG_NONCE, nonce.data(), nonce.size());
468 return ProcessMessage(KM_PURPOSE_DECRYPT, ciphertext, begin_params, update_params);
469}
470
471keymaster_error_t Keymaster1Test::GetCharacteristics() {
472 FreeCharacteristics();
473 return device()->get_key_characteristics(device(), &blob_, &client_id_, NULL /* app_data */,
474 &characteristics_);
475}
476
477keymaster_error_t Keymaster1Test::ExportKey(keymaster_key_format_t format, string* export_data) {
478 uint8_t* export_data_tmp;
479 size_t export_data_length;
480
481 keymaster_error_t error =
482 device()->export_key(device(), format, &blob_, &client_id_, NULL /* app_data */,
483 &export_data_tmp, &export_data_length);
484
485 if (error != KM_ERROR_OK)
486 return error;
487
488 *export_data = string(reinterpret_cast<char*>(export_data_tmp), export_data_length);
489 free(export_data_tmp);
490 return error;
491}
492
493keymaster_error_t
494Keymaster1Test::Rescope(const AuthorizationSet& new_params, keymaster_key_blob_t* rescoped_blob,
495 keymaster_key_characteristics_t** rescoped_characteristics) {
496 return device()->rescope(device(), new_params.data(), new_params.size(), &blob_, &client_id_,
497 NULL /* app data */, rescoped_blob, rescoped_characteristics);
498}
499
500void Keymaster1Test::CheckHmacTestVector(string key, string message, keymaster_digest_t digest,
501 string expected_mac) {
Shawn Willden09f25272015-04-15 13:49:49 -0600[diff] [blame]502 ASSERT_EQ(KM_ERROR_OK,
503 ImportKey(AuthorizationSetBuilder().HmacKey(key.size() * 8).Digest(digest),
504 KM_KEY_FORMAT_RAW, key));
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]505 string signature;
Shawn Willden226746b2015-05-08 11:36:56 -0600[diff] [blame]506 MacMessage(message, &signature, digest, expected_mac.size() * 8);
Shawn Willden72a5fdd2015-03-17 20:04:33 -0600[diff] [blame]507 EXPECT_EQ(expected_mac, signature) << "Test vector didn't match for digest " << (int)digest;
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]508}
509
Thai Duong20d725d2015-03-24 17:49:58 -0700[diff] [blame]510void Keymaster1Test::CheckAesCtrTestVector(const string& key, const string& nonce,
511 const string& message,
512 const string& expected_ciphertext) {
513 ASSERT_EQ(KM_ERROR_OK, ImportKey(AuthorizationSetBuilder()
514 .AesEncryptionKey(key.size() * 8)
515 .Authorization(TAG_BLOCK_MODE, KM_MODE_CTR)
Shawn Willden3ad5f052015-05-08 14:05:13 -0600[diff] [blame^]516 .Authorization(TAG_CALLER_NONCE)
517 .Padding(KM_PAD_NONE),
Thai Duong20d725d2015-03-24 17:49:58 -0700[diff] [blame]518 KM_KEY_FORMAT_RAW, key));
519
Shawn Willden09f25272015-04-15 13:49:49 -0600[diff] [blame]520 AuthorizationSet begin_params(client_params()), update_params, output_params;
Thai Duong20d725d2015-03-24 17:49:58 -0700[diff] [blame]521 begin_params.push_back(TAG_NONCE, nonce.data(), nonce.size());
522 string ciphertext =
523 EncryptMessageWithParams(message, begin_params, update_params, &output_params);
524 EXPECT_EQ(expected_ciphertext, ciphertext);
525}
526
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]527AuthorizationSet Keymaster1Test::hw_enforced() {
528 EXPECT_TRUE(characteristics_ != NULL);
529 return AuthorizationSet(characteristics_->hw_enforced);
530}
531
532AuthorizationSet Keymaster1Test::sw_enforced() {
533 EXPECT_TRUE(characteristics_ != NULL);
534 return AuthorizationSet(characteristics_->sw_enforced);
535}
536
537void Keymaster1Test::FreeCharacteristics() {
538 keymaster_free_characteristics(characteristics_);
539 free(characteristics_);
540 characteristics_ = NULL;
541}
542
543void Keymaster1Test::FreeKeyBlob() {
544 free(const_cast<uint8_t*>(blob_.key_material));
545 blob_.key_material = NULL;
546}
547
548void Keymaster1Test::corrupt_key_blob() {
549 assert(blob_.key_material);
550 uint8_t* tmp = const_cast<uint8_t*>(blob_.key_material);
551 ++tmp[blob_.key_material_size / 2];
552}
553
554} // namespace test
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]555} // namespace keymaster