Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / system / keymaster / 4200f211057551c02e909fe88e5a92dae7a36597 / . / google_keymaster_test.cpp
blob: 810f1f372c29f3b9ef3f9f949e73fcfa8bf5c789 [file] [log] [blame]
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]1/*
2 * Copyright (C) 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
Shawn Willden437fbd12014-08-20 11:59:49 -0600[diff] [blame]17#include <string>
18#include <fstream>
19
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]20#include <gtest/gtest.h>
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]21
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]22#include <openssl/engine.h>
23
Shawn Willden98d9b922014-08-26 08:14:10 -0600[diff] [blame]24#include <keymaster/google_keymaster_utils.h>
25#include <keymaster/keymaster_tags.h>
26
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]27#include "google_keymaster_test_utils.h"
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]28#include "google_softkeymaster.h"
29
Shawn Willden437fbd12014-08-20 11:59:49 -0600[diff] [blame]30using std::string;
31using std::ifstream;
32using std::istreambuf_iterator;
33
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]34int main(int argc, char** argv) {
35 ::testing::InitGoogleTest(&argc, argv);
36 int result = RUN_ALL_TESTS();
37 // Clean up stuff OpenSSL leaves around, so Valgrind doesn't complain.
38 CRYPTO_cleanup_all_ex_data();
Shawn Willden7c0a82b2014-09-17 12:57:32 -0600[diff] [blame]39 ERR_remove_thread_state(NULL);
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]40 ERR_free_strings();
41 return result;
42}
43
44namespace keymaster {
45namespace test {
46
Shawn Willden6bbe6782014-09-18 11:26:15 -0600[diff] [blame]47// Note that these DSA generator, p and q values must match the values from dsa_privkey_pk8.der.
48const uint8_t dsa_g[] = {
49 0x19, 0x1C, 0x71, 0xFD, 0xE0, 0x03, 0x0C, 0x43, 0xD9, 0x0B, 0xF6, 0xCD, 0xD6, 0xA9, 0x70, 0xE7,
50 0x37, 0x86, 0x3A, 0x78, 0xE9, 0xA7, 0x47, 0xA7, 0x47, 0x06, 0x88, 0xB1, 0xAF, 0xD7, 0xF3, 0xF1,
51 0xA1, 0xD7, 0x00, 0x61, 0x28, 0x88, 0x31, 0x48, 0x60, 0xD8, 0x11, 0xEF, 0xA5, 0x24, 0x1A, 0x81,
52 0xC4, 0x2A, 0xE2, 0xEA, 0x0E, 0x36, 0xD2, 0xD2, 0x05, 0x84, 0x37, 0xCF, 0x32, 0x7D, 0x09, 0xE6,
53 0x0F, 0x8B, 0x0C, 0xC8, 0xC2, 0xA4, 0xB1, 0xDC, 0x80, 0xCA, 0x68, 0xDF, 0xAF, 0xD2, 0x90, 0xC0,
54 0x37, 0x58, 0x54, 0x36, 0x8F, 0x49, 0xB8, 0x62, 0x75, 0x8B, 0x48, 0x47, 0xC0, 0xBE, 0xF7, 0x9A,
55 0x92, 0xA6, 0x68, 0x05, 0xDA, 0x9D, 0xAF, 0x72, 0x9A, 0x67, 0xB3, 0xB4, 0x14, 0x03, 0xAE, 0x4F,
56 0x4C, 0x76, 0xB9, 0xD8, 0x64, 0x0A, 0xBA, 0x3B, 0xA8, 0x00, 0x60, 0x4D, 0xAE, 0x81, 0xC3, 0xC5,
57};
58const uint8_t dsa_p[] = {
59 0xA3, 0xF3, 0xE9, 0xB6, 0x7E, 0x7D, 0x88, 0xF6, 0xB7, 0xE5, 0xF5, 0x1F, 0x3B, 0xEE, 0xAC, 0xD7,
60 0xAD, 0xBC, 0xC9, 0xD1, 0x5A, 0xF8, 0x88, 0xC4, 0xEF, 0x6E, 0x3D, 0x74, 0x19, 0x74, 0xE7, 0xD8,
61 0xE0, 0x26, 0x44, 0x19, 0x86, 0xAF, 0x19, 0xDB, 0x05, 0xE9, 0x3B, 0x8B, 0x58, 0x58, 0xDE, 0xE5,
62 0x4F, 0x48, 0x15, 0x01, 0xEA, 0xE6, 0x83, 0x52, 0xD7, 0xC1, 0x21, 0xDF, 0xB9, 0xB8, 0x07, 0x66,
63 0x50, 0xFB, 0x3A, 0x0C, 0xB3, 0x85, 0xEE, 0xBB, 0x04, 0x5F, 0xC2, 0x6D, 0x6D, 0x95, 0xFA, 0x11,
64 0x93, 0x1E, 0x59, 0x5B, 0xB1, 0x45, 0x8D, 0xE0, 0x3D, 0x73, 0xAA, 0xF2, 0x41, 0x14, 0x51, 0x07,
65 0x72, 0x3D, 0xA2, 0xF7, 0x58, 0xCD, 0x11, 0xA1, 0x32, 0xCF, 0xDA, 0x42, 0xB7, 0xCC, 0x32, 0x80,
66 0xDB, 0x87, 0x82, 0xEC, 0x42, 0xDB, 0x5A, 0x55, 0x24, 0x24, 0xA2, 0xD1, 0x55, 0x29, 0xAD, 0xEB,
67};
68const uint8_t dsa_q[] = {
69 0xEB, 0xEA, 0x17, 0xD2, 0x09, 0xB3, 0xD7, 0x21, 0x9A, 0x21,
70 0x07, 0x82, 0x8F, 0xAB, 0xFE, 0x88, 0x71, 0x68, 0xF7, 0xE3,
71};
72
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]73class KeymasterTest : public testing::Test {
74 protected:
Shawn Willden2f3be362014-08-25 11:31:39 -0600[diff] [blame]75 KeymasterTest() : device(5, new StdoutLogger) { RAND_seed("foobar", 6); }
Shawn Willdenda8485e2014-08-17 08:00:01 -0600[diff] [blame]76 ~KeymasterTest() {}
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]77
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]78 template <typename T> void ExpectEmptyResponse(const SupportedResponse<T>& response) {
79 EXPECT_EQ(KM_ERROR_OK, response.error);
80 EXPECT_EQ(0U, response.results_length);
81 }
82
83 template <typename T> void ExpectResponseContains(T val, const SupportedResponse<T>& response) {
84 EXPECT_EQ(KM_ERROR_OK, response.error);
85 EXPECT_EQ(1U, response.results_length);
86 EXPECT_EQ(val, response.results[0]);
87 }
88
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]89 GoogleSoftKeymaster device;
90};
91
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]92typedef KeymasterTest CheckSupported;
93TEST_F(CheckSupported, SupportedAlgorithms) {
94 // Shouldn't blow up on NULL.
95 device.SupportedAlgorithms(NULL);
96
97 SupportedResponse<keymaster_algorithm_t> response;
98 device.SupportedAlgorithms(&response);
99 EXPECT_EQ(KM_ERROR_OK, response.error);
Shawn Willden4d024ce2015-01-20 11:45:11 -0700[diff] [blame]100 EXPECT_EQ(3U, response.results_length);
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]101 EXPECT_EQ(KM_ALGORITHM_RSA, response.results[0]);
Shawn Willden28e41472014-08-18 13:35:22 -0600[diff] [blame]102 EXPECT_EQ(KM_ALGORITHM_DSA, response.results[1]);
Shawn Willdenc3864dd2014-08-18 15:20:01 -0600[diff] [blame]103 EXPECT_EQ(KM_ALGORITHM_ECDSA, response.results[2]);
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]104}
105
106TEST_F(CheckSupported, SupportedBlockModes) {
107 // Shouldn't blow up on NULL.
Shawn Willden3809b932014-12-02 06:59:46 -0700[diff] [blame]108 device.SupportedBlockModes(KM_ALGORITHM_RSA, KM_PURPOSE_ENCRYPT, NULL);
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]109
110 SupportedResponse<keymaster_block_mode_t> response;
Shawn Willden3809b932014-12-02 06:59:46 -0700[diff] [blame]111 device.SupportedBlockModes(KM_ALGORITHM_RSA, KM_PURPOSE_ENCRYPT, &response);
112 EXPECT_EQ(KM_ERROR_UNSUPPORTED_BLOCK_MODE, response.error);
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]113
Shawn Willden3809b932014-12-02 06:59:46 -0700[diff] [blame]114 device.SupportedBlockModes(KM_ALGORITHM_DSA, KM_PURPOSE_ENCRYPT, &response);
115 EXPECT_EQ(KM_ERROR_UNSUPPORTED_BLOCK_MODE, response.error);
Shawn Willden28e41472014-08-18 13:35:22 -0600[diff] [blame]116
Shawn Willden3809b932014-12-02 06:59:46 -0700[diff] [blame]117 device.SupportedBlockModes(KM_ALGORITHM_ECDSA, KM_PURPOSE_ENCRYPT, &response);
118 EXPECT_EQ(KM_ERROR_UNSUPPORTED_BLOCK_MODE, response.error);
Shawn Willdenc3864dd2014-08-18 15:20:01 -0600[diff] [blame]119
Shawn Willden3809b932014-12-02 06:59:46 -0700[diff] [blame]120 device.SupportedBlockModes(KM_ALGORITHM_AES, KM_PURPOSE_ENCRYPT, &response);
Shawn Willden4d024ce2015-01-20 11:45:11 -0700[diff] [blame]121 EXPECT_EQ(KM_ERROR_UNSUPPORTED_ALGORITHM, response.error);
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]122}
123
124TEST_F(CheckSupported, SupportedPaddingModes) {
125 // Shouldn't blow up on NULL.
Shawn Willden3809b932014-12-02 06:59:46 -0700[diff] [blame]126 device.SupportedPaddingModes(KM_ALGORITHM_RSA, KM_PURPOSE_ENCRYPT, NULL);
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]127
128 SupportedResponse<keymaster_padding_t> response;
Shawn Willden3809b932014-12-02 06:59:46 -0700[diff] [blame]129 device.SupportedPaddingModes(KM_ALGORITHM_RSA, KM_PURPOSE_SIGN, &response);
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]130 ExpectResponseContains(KM_PAD_NONE, response);
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]131
Shawn Willden3809b932014-12-02 06:59:46 -0700[diff] [blame]132 device.SupportedPaddingModes(KM_ALGORITHM_DSA, KM_PURPOSE_SIGN, &response);
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]133 ExpectResponseContains(KM_PAD_NONE, response);
Shawn Willden28e41472014-08-18 13:35:22 -0600[diff] [blame]134
Shawn Willden3809b932014-12-02 06:59:46 -0700[diff] [blame]135 device.SupportedPaddingModes(KM_ALGORITHM_ECDSA, KM_PURPOSE_SIGN, &response);
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]136 ExpectResponseContains(KM_PAD_NONE, response);
Shawn Willdenc3864dd2014-08-18 15:20:01 -0600[diff] [blame]137
Shawn Willden3809b932014-12-02 06:59:46 -0700[diff] [blame]138 device.SupportedPaddingModes(KM_ALGORITHM_AES, KM_PURPOSE_SIGN, &response);
Shawn Willden4d024ce2015-01-20 11:45:11 -0700[diff] [blame]139 EXPECT_EQ(KM_ERROR_UNSUPPORTED_ALGORITHM, response.error);
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]140}
141
142TEST_F(CheckSupported, SupportedDigests) {
143 // Shouldn't blow up on NULL.
Shawn Willden3809b932014-12-02 06:59:46 -0700[diff] [blame]144 device.SupportedDigests(KM_ALGORITHM_RSA, KM_PURPOSE_SIGN, NULL);
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]145
146 SupportedResponse<keymaster_digest_t> response;
Shawn Willden3809b932014-12-02 06:59:46 -0700[diff] [blame]147 device.SupportedDigests(KM_ALGORITHM_RSA, KM_PURPOSE_SIGN, &response);
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]148 ExpectResponseContains(KM_DIGEST_NONE, response);
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]149
Shawn Willden3809b932014-12-02 06:59:46 -0700[diff] [blame]150 device.SupportedDigests(KM_ALGORITHM_DSA, KM_PURPOSE_SIGN, &response);
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]151 ExpectResponseContains(KM_DIGEST_NONE, response);
Shawn Willden28e41472014-08-18 13:35:22 -0600[diff] [blame]152
Shawn Willden3809b932014-12-02 06:59:46 -0700[diff] [blame]153 device.SupportedDigests(KM_ALGORITHM_ECDSA, KM_PURPOSE_SIGN, &response);
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]154 ExpectResponseContains(KM_DIGEST_NONE, response);
Shawn Willdenc3864dd2014-08-18 15:20:01 -0600[diff] [blame]155
Shawn Willden3809b932014-12-02 06:59:46 -0700[diff] [blame]156 device.SupportedDigests(KM_ALGORITHM_AES, KM_PURPOSE_SIGN, &response);
Shawn Willden4d024ce2015-01-20 11:45:11 -0700[diff] [blame]157 EXPECT_EQ(KM_ERROR_UNSUPPORTED_ALGORITHM, response.error);
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]158}
159
160TEST_F(CheckSupported, SupportedImportFormats) {
161 // Shouldn't blow up on NULL.
162 device.SupportedImportFormats(KM_ALGORITHM_RSA, NULL);
163
164 SupportedResponse<keymaster_key_format_t> response;
165 device.SupportedImportFormats(KM_ALGORITHM_RSA, &response);
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]166 ExpectResponseContains(KM_KEY_FORMAT_PKCS8, response);
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]167
168 device.SupportedImportFormats(KM_ALGORITHM_DSA, &response);
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]169 ExpectResponseContains(KM_KEY_FORMAT_PKCS8, response);
Shawn Willden28e41472014-08-18 13:35:22 -0600[diff] [blame]170
Shawn Willdenc3864dd2014-08-18 15:20:01 -0600[diff] [blame]171 device.SupportedImportFormats(KM_ALGORITHM_ECDSA, &response);
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]172 ExpectResponseContains(KM_KEY_FORMAT_PKCS8, response);
Shawn Willdenc3864dd2014-08-18 15:20:01 -0600[diff] [blame]173
Shawn Willden28e41472014-08-18 13:35:22 -0600[diff] [blame]174 device.SupportedImportFormats(KM_ALGORITHM_AES, &response);
Shawn Willden4d024ce2015-01-20 11:45:11 -0700[diff] [blame]175 EXPECT_EQ(KM_ERROR_UNSUPPORTED_ALGORITHM, response.error);
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]176}
177
178TEST_F(CheckSupported, SupportedExportFormats) {
179 // Shouldn't blow up on NULL.
180 device.SupportedExportFormats(KM_ALGORITHM_RSA, NULL);
181
182 SupportedResponse<keymaster_key_format_t> response;
183 device.SupportedExportFormats(KM_ALGORITHM_RSA, &response);
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]184 ExpectResponseContains(KM_KEY_FORMAT_X509, response);
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]185
186 device.SupportedExportFormats(KM_ALGORITHM_DSA, &response);
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]187 ExpectResponseContains(KM_KEY_FORMAT_X509, response);
Shawn Willden28e41472014-08-18 13:35:22 -0600[diff] [blame]188
Shawn Willdenc3864dd2014-08-18 15:20:01 -0600[diff] [blame]189 device.SupportedExportFormats(KM_ALGORITHM_ECDSA, &response);
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]190 ExpectResponseContains(KM_KEY_FORMAT_X509, response);
Shawn Willdenc3864dd2014-08-18 15:20:01 -0600[diff] [blame]191
Shawn Willden28e41472014-08-18 13:35:22 -0600[diff] [blame]192 device.SupportedExportFormats(KM_ALGORITHM_AES, &response);
Shawn Willden4d024ce2015-01-20 11:45:11 -0700[diff] [blame]193 EXPECT_EQ(KM_ERROR_UNSUPPORTED_ALGORITHM, response.error);
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]194}
195
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]196keymaster_key_param_t key_generation_base_params[] = {
Shawn Willden3809b932014-12-02 06:59:46 -0700[diff] [blame]197 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
198 Authorization(TAG_USER_ID, 7), Authorization(TAG_USER_AUTH_ID, 8),
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]199 Authorization(TAG_APPLICATION_ID, "app_id", 6),
Shawn Willden3809b932014-12-02 06:59:46 -0700[diff] [blame]200 Authorization(TAG_APPLICATION_DATA, "app_data", 8), Authorization(TAG_AUTH_TIMEOUT, 300),
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]201};
202
203class NewKeyGeneration : public KeymasterTest {
204 protected:
205 NewKeyGeneration() {
206 req_.key_description.Reinitialize(key_generation_base_params,
207 array_length(key_generation_base_params));
208 }
209
210 void CheckBaseParams(const GenerateKeyResponse& rsp) {
211 ASSERT_EQ(KM_ERROR_OK, rsp.error);
212 EXPECT_EQ(0U, rsp.enforced.size());
213 EXPECT_EQ(12U, rsp.enforced.SerializedSize());
214 EXPECT_GT(rsp.unenforced.SerializedSize(), 12U);
215
216 EXPECT_TRUE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_SIGN));
217 EXPECT_TRUE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_VERIFY));
218 EXPECT_TRUE(contains(rsp.unenforced, TAG_USER_ID, 7));
219 EXPECT_TRUE(contains(rsp.unenforced, TAG_USER_AUTH_ID, 8));
220 EXPECT_TRUE(contains(rsp.unenforced, TAG_AUTH_TIMEOUT, 300));
221
222 // Verify that App ID, App data and ROT are NOT included.
223 EXPECT_FALSE(contains(rsp.unenforced, TAG_ROOT_OF_TRUST));
224 EXPECT_FALSE(contains(rsp.unenforced, TAG_APPLICATION_ID));
225 EXPECT_FALSE(contains(rsp.unenforced, TAG_APPLICATION_DATA));
226
227 // Just for giggles, check that some unexpected tags/values are NOT present.
228 EXPECT_FALSE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_ENCRYPT));
229 EXPECT_FALSE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_DECRYPT));
230 EXPECT_FALSE(contains(rsp.unenforced, TAG_AUTH_TIMEOUT, 301));
231 EXPECT_FALSE(contains(rsp.unenforced, TAG_RESCOPE_AUTH_TIMEOUT));
232
233 // Now check that unspecified, defaulted tags are correct.
234 EXPECT_TRUE(contains(rsp.unenforced, TAG_ORIGIN, KM_ORIGIN_SOFTWARE));
235 EXPECT_TRUE(contains(rsp.unenforced, KM_TAG_CREATION_DATETIME));
236 }
237
238 GenerateKeyRequest req_;
239 GenerateKeyResponse rsp_;
240};
241
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]242TEST_F(NewKeyGeneration, Rsa) {
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]243 req_.key_description.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA));
244 req_.key_description.push_back(Authorization(TAG_KEY_SIZE, 256));
245 req_.key_description.push_back(Authorization(TAG_RSA_PUBLIC_EXPONENT, 3));
246 device.GenerateKey(req_, &rsp_);
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]247
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]248 CheckBaseParams(rsp_);
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]249
250 // Check specified tags are all present in unenforced characteristics
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]251 EXPECT_TRUE(contains(rsp_.unenforced, TAG_ALGORITHM, KM_ALGORITHM_RSA));
252 EXPECT_TRUE(contains(rsp_.unenforced, TAG_KEY_SIZE, 256));
253 EXPECT_TRUE(contains(rsp_.unenforced, TAG_RSA_PUBLIC_EXPONENT, 3));
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]254}
255
Shawn Willden6bbe6782014-09-18 11:26:15 -0600[diff] [blame]256TEST_F(NewKeyGeneration, RsaDefaultSize) {
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]257 req_.key_description.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA));
258 device.GenerateKey(req_, &rsp_);
Shawn Willden6bbe6782014-09-18 11:26:15 -0600[diff] [blame]259
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]260 CheckBaseParams(rsp_);
Shawn Willden6bbe6782014-09-18 11:26:15 -0600[diff] [blame]261
262 // Check specified tags are all present in unenforced characteristics
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]263 EXPECT_TRUE(contains(rsp_.unenforced, TAG_ALGORITHM, KM_ALGORITHM_RSA));
Shawn Willden6bbe6782014-09-18 11:26:15 -0600[diff] [blame]264
265 // Now check that unspecified, defaulted tags are correct.
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]266 EXPECT_TRUE(contains(rsp_.unenforced, TAG_RSA_PUBLIC_EXPONENT, 65537));
267 EXPECT_TRUE(contains(rsp_.unenforced, TAG_KEY_SIZE, 2048));
Shawn Willden6bbe6782014-09-18 11:26:15 -0600[diff] [blame]268}
269
Shawn Willdend63e3052015-01-20 11:45:07 -0700[diff] [blame]270TEST_F(NewKeyGeneration, Dsa) {
271 req_.key_description.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_DSA));
272 req_.key_description.push_back(Authorization(TAG_KEY_SIZE, 256));
273 device.GenerateKey(req_, &rsp_);
274
275 CheckBaseParams(rsp_);
276
277 // Check specified tags are all present in unenforced characteristics
278 EXPECT_TRUE(contains(rsp_.unenforced, TAG_ALGORITHM, KM_ALGORITHM_DSA));
279 EXPECT_TRUE(contains(rsp_.unenforced, TAG_KEY_SIZE, 256));
280
281 // Generator should have created DSA params.
282 keymaster_blob_t g, p, q;
283 EXPECT_TRUE(rsp_.unenforced.GetTagValue(TAG_DSA_GENERATOR, &g));
284 EXPECT_TRUE(rsp_.unenforced.GetTagValue(TAG_DSA_P, &p));
285 EXPECT_TRUE(rsp_.unenforced.GetTagValue(TAG_DSA_Q, &q));
286 EXPECT_TRUE(g.data_length >= 63 && g.data_length <= 64);
287 EXPECT_EQ(64U, p.data_length);
288 EXPECT_EQ(20U, q.data_length);
289}
290
291TEST_F(NewKeyGeneration, DsaDefaultSize) {
292 req_.key_description.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_DSA));
293 device.GenerateKey(req_, &rsp_);
294
295 CheckBaseParams(rsp_);
296
297 // Check specified tags are all present in unenforced characteristics
298 EXPECT_TRUE(contains(rsp_.unenforced, TAG_ALGORITHM, KM_ALGORITHM_DSA));
299
300 // Now check that unspecified, defaulted tags are correct.
301 EXPECT_TRUE(contains(rsp_.unenforced, TAG_KEY_SIZE, 2048));
302 keymaster_blob_t g, p, q;
303 EXPECT_TRUE(rsp_.unenforced.GetTagValue(TAG_DSA_GENERATOR, &g));
304 EXPECT_TRUE(rsp_.unenforced.GetTagValue(TAG_DSA_P, &p));
305 EXPECT_TRUE(rsp_.unenforced.GetTagValue(TAG_DSA_Q, &q));
306 EXPECT_TRUE(g.data_length >= 255 && g.data_length <= 256);
307 EXPECT_EQ(256U, p.data_length);
308 EXPECT_EQ(32U, q.data_length);
309}
310
311TEST_F(NewKeyGeneration, Dsa_ParamsSpecified) {
312 req_.key_description.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_DSA));
313 req_.key_description.push_back(Authorization(TAG_KEY_SIZE, 256));
314 req_.key_description.push_back(Authorization(TAG_DSA_GENERATOR, dsa_g, array_size(dsa_g)));
315 req_.key_description.push_back(Authorization(TAG_DSA_P, dsa_p, array_size(dsa_p)));
316 req_.key_description.push_back(Authorization(TAG_DSA_Q, dsa_q, array_size(dsa_q)));
317 device.GenerateKey(req_, &rsp_);
318
319 CheckBaseParams(rsp_);
320
321 // Check specified tags are all present in unenforced characteristics
322 EXPECT_TRUE(contains(rsp_.unenforced, TAG_ALGORITHM, KM_ALGORITHM_DSA));
323 EXPECT_TRUE(contains(rsp_.unenforced, TAG_KEY_SIZE, 256));
324 EXPECT_TRUE(contains(rsp_.unenforced, TAG_DSA_GENERATOR,
325 std::string(reinterpret_cast<const char*>(dsa_g), array_size(dsa_g))));
326 EXPECT_TRUE(contains(rsp_.unenforced, TAG_DSA_P,
327 std::string(reinterpret_cast<const char*>(dsa_p), array_size(dsa_p))));
328 EXPECT_TRUE(contains(rsp_.unenforced, TAG_DSA_Q,
329 std::string(reinterpret_cast<const char*>(dsa_q), array_size(dsa_q))));
330}
331
332TEST_F(NewKeyGeneration, Dsa_SomeParamsSpecified) {
333 req_.key_description.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_DSA));
334 req_.key_description.push_back(Authorization(TAG_KEY_SIZE, 256));
335 req_.key_description.push_back(Authorization(TAG_DSA_P, dsa_p, array_size(dsa_p)));
336 req_.key_description.push_back(Authorization(TAG_DSA_Q, dsa_q, array_size(dsa_q)));
337 device.GenerateKey(req_, &rsp_);
338
339 ASSERT_EQ(KM_ERROR_INVALID_DSA_PARAMS, rsp_.error);
340}
341
Shawn Willdenc3864dd2014-08-18 15:20:01 -0600[diff] [blame]342TEST_F(NewKeyGeneration, Ecdsa) {
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]343 req_.key_description.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_ECDSA));
Shawn Willden8c856c82014-09-26 09:34:36 -0600[diff] [blame]344 req_.key_description.push_back(Authorization(TAG_KEY_SIZE, 224));
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]345 device.GenerateKey(req_, &rsp_);
Shawn Willdenc3864dd2014-08-18 15:20:01 -0600[diff] [blame]346
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]347 CheckBaseParams(rsp_);
Shawn Willdenc3864dd2014-08-18 15:20:01 -0600[diff] [blame]348
349 // Check specified tags are all present in unenforced characteristics
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]350 EXPECT_TRUE(contains(rsp_.unenforced, TAG_ALGORITHM, KM_ALGORITHM_ECDSA));
Shawn Willden8c856c82014-09-26 09:34:36 -0600[diff] [blame]351 EXPECT_TRUE(contains(rsp_.unenforced, TAG_KEY_SIZE, 224));
Shawn Willdenc3864dd2014-08-18 15:20:01 -0600[diff] [blame]352}
353
Shawn Willden6bbe6782014-09-18 11:26:15 -0600[diff] [blame]354TEST_F(NewKeyGeneration, EcdsaDefaultSize) {
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]355 req_.key_description.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_ECDSA));
356 device.GenerateKey(req_, &rsp_);
Shawn Willden6bbe6782014-09-18 11:26:15 -0600[diff] [blame]357
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]358 CheckBaseParams(rsp_);
Shawn Willden6bbe6782014-09-18 11:26:15 -0600[diff] [blame]359
360 // Check specified tags are all present in unenforced characteristics
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]361 EXPECT_TRUE(contains(rsp_.unenforced, TAG_ALGORITHM, KM_ALGORITHM_ECDSA));
Shawn Willden6bbe6782014-09-18 11:26:15 -0600[diff] [blame]362
363 // Now check that unspecified, defaulted tags are correct.
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]364 EXPECT_TRUE(contains(rsp_.unenforced, TAG_KEY_SIZE, 224));
Shawn Willden6bbe6782014-09-18 11:26:15 -0600[diff] [blame]365}
366
367TEST_F(NewKeyGeneration, EcdsaInvalidSize) {
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]368 req_.key_description.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_ECDSA));
369 req_.key_description.push_back(Authorization(TAG_KEY_SIZE, 190));
370 device.GenerateKey(req_, &rsp_);
371 ASSERT_EQ(KM_ERROR_UNSUPPORTED_KEY_SIZE, rsp_.error);
Shawn Willden6bbe6782014-09-18 11:26:15 -0600[diff] [blame]372}
373
374TEST_F(NewKeyGeneration, EcdsaAllValidSizes) {
Shawn Willden8c856c82014-09-26 09:34:36 -0600[diff] [blame]375 size_t valid_sizes[] = {224, 256, 384, 521};
Shawn Willden6bbe6782014-09-18 11:26:15 -0600[diff] [blame]376 for (size_t size : valid_sizes) {
Shawn Willdend0772312014-09-18 12:27:57 -0600[diff] [blame]377 req_.key_description.Reinitialize(key_generation_base_params,
378 array_length(key_generation_base_params));
379 req_.key_description.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_ECDSA));
380 req_.key_description.push_back(Authorization(TAG_KEY_SIZE, size));
Shawn Willdena1a4ca02015-01-20 11:45:15 -0700[diff] [blame]381 device.GenerateKey(req_, &rsp_);
382 EXPECT_EQ(KM_ERROR_OK, rsp_.error) << "Failed to generate size: " << size;
Shawn Willden6bbe6782014-09-18 11:26:15 -0600[diff] [blame]383 }
384}
385
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]386typedef KeymasterTest GetKeyCharacteristics;
387TEST_F(GetKeyCharacteristics, SimpleRsa) {
388 keymaster_key_param_t params[] = {
Shawn Willden3809b932014-12-02 06:59:46 -0700[diff] [blame]389 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
390 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA), Authorization(TAG_KEY_SIZE, 256),
391 Authorization(TAG_USER_ID, 7), Authorization(TAG_USER_AUTH_ID, 8),
392 Authorization(TAG_APPLICATION_ID, "app_id", 6), Authorization(TAG_AUTH_TIMEOUT, 300),
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]393 };
394
395 GenerateKeyRequest gen_req;
396 gen_req.key_description.Reinitialize(params, array_length(params));
397 GenerateKeyResponse gen_rsp;
398
399 device.GenerateKey(gen_req, &gen_rsp);
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]400 ASSERT_EQ(KM_ERROR_OK, gen_rsp.error);
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]401
402 GetKeyCharacteristicsRequest req;
Shawn Willdenda8485e2014-08-17 08:00:01 -0600[diff] [blame]403 req.SetKeyMaterial(gen_rsp.key_blob);
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]404 req.additional_params.push_back(TAG_APPLICATION_ID, "app_id", 6);
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]405
406 GetKeyCharacteristicsResponse rsp;
407 device.GetKeyCharacteristics(req, &rsp);
408 ASSERT_EQ(KM_ERROR_OK, rsp.error);
409
410 EXPECT_EQ(gen_rsp.enforced, rsp.enforced);
411 EXPECT_EQ(gen_rsp.unenforced, rsp.unenforced);
412}
413
Shawn Willden61644f32014-08-18 13:43:14 -0600[diff] [blame]414/**
415 * Test class that provides some infrastructure for generating keys and signing messages.
416 */
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]417class SigningOperationsTest : public KeymasterTest {
418 protected:
Shawn Willden61644f32014-08-18 13:43:14 -0600[diff] [blame]419 void GenerateKey(keymaster_algorithm_t algorithm, keymaster_digest_t digest,
420 keymaster_padding_t padding, uint32_t key_size) {
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]421 keymaster_key_param_t params[] = {
422 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
Shawn Willden3809b932014-12-02 06:59:46 -0700[diff] [blame]423 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY), Authorization(TAG_ALGORITHM, algorithm),
424 Authorization(TAG_KEY_SIZE, key_size), Authorization(TAG_USER_ID, 7),
425 Authorization(TAG_USER_AUTH_ID, 8), Authorization(TAG_APPLICATION_ID, "app_id", 6),
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]426 Authorization(TAG_AUTH_TIMEOUT, 300),
427 };
428 GenerateKeyRequest generate_request;
429 generate_request.key_description.Reinitialize(params, array_length(params));
Shawn Willden43e999e2014-08-13 13:29:50 -0600[diff] [blame]430 if (static_cast<int>(digest) != -1)
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]431 generate_request.key_description.push_back(TAG_DIGEST, digest);
Shawn Willden43e999e2014-08-13 13:29:50 -0600[diff] [blame]432 if (static_cast<int>(padding) != -1)
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]433 generate_request.key_description.push_back(TAG_PADDING, padding);
434 device.GenerateKey(generate_request, &generate_response_);
435 EXPECT_EQ(KM_ERROR_OK, generate_response_.error);
Shawn Willden61644f32014-08-18 13:43:14 -0600[diff] [blame]436 }
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]437
Shawn Willden61644f32014-08-18 13:43:14 -0600[diff] [blame]438 void SignMessage(const void* message, size_t size) {
Shawn Willden437fbd12014-08-20 11:59:49 -0600[diff] [blame]439 SignMessage(generate_response_.key_blob, message, size);
440 }
441
442 void SignMessage(const keymaster_key_blob_t& key_blob, const void* message, size_t size) {
Shawn Willden61644f32014-08-18 13:43:14 -0600[diff] [blame]443 BeginOperationRequest begin_request;
444 BeginOperationResponse begin_response;
Shawn Willden437fbd12014-08-20 11:59:49 -0600[diff] [blame]445 begin_request.SetKeyMaterial(key_blob);
Shawn Willden61644f32014-08-18 13:43:14 -0600[diff] [blame]446 begin_request.purpose = KM_PURPOSE_SIGN;
447 AddClientParams(&begin_request.additional_params);
448
449 device.BeginOperation(begin_request, &begin_response);
450 ASSERT_EQ(KM_ERROR_OK, begin_response.error);
451
452 UpdateOperationRequest update_request;
453 UpdateOperationResponse update_response;
454 update_request.op_handle = begin_response.op_handle;
455 update_request.input.Reinitialize(message, size);
456 EXPECT_EQ(size, update_request.input.available_read());
457
458 device.UpdateOperation(update_request, &update_response);
459 ASSERT_EQ(KM_ERROR_OK, update_response.error);
460 EXPECT_EQ(0U, update_response.output.available_read());
461
462 FinishOperationRequest finish_request;
463 finish_request.op_handle = begin_response.op_handle;
464 device.FinishOperation(finish_request, &finish_response_);
465 ASSERT_EQ(KM_ERROR_OK, finish_response_.error);
466 EXPECT_GT(finish_response_.output.available_read(), 0U);
467 }
468
469 void AddClientParams(AuthorizationSet* set) { set->push_back(TAG_APPLICATION_ID, "app_id", 6); }
470
471 const keymaster_key_blob_t& key_blob() { return generate_response_.key_blob; }
Shawn Willdenf268d742014-08-19 15:36:26 -0600[diff] [blame]472
473 const keymaster_key_blob_t& corrupt_key_blob() {
Shawn Willden2241bf02014-08-28 09:59:53 -0600[diff] [blame]474 uint8_t* tmp = const_cast<uint8_t*>(generate_response_.key_blob.key_material);
475 ++tmp[generate_response_.key_blob.key_material_size / 2];
Shawn Willdenf268d742014-08-19 15:36:26 -0600[diff] [blame]476 return generate_response_.key_blob;
477 }
478
Shawn Willden61644f32014-08-18 13:43:14 -0600[diff] [blame]479 Buffer* signature() {
480 if (finish_response_.error == KM_ERROR_OK)
481 return &finish_response_.output;
482 return NULL;
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]483 }
484
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]485 GenerateKeyResponse generate_response_;
Shawn Willden61644f32014-08-18 13:43:14 -0600[diff] [blame]486 FinishOperationResponse finish_response_;
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]487};
488
489TEST_F(SigningOperationsTest, RsaSuccess) {
Shawn Willden61644f32014-08-18 13:43:14 -0600[diff] [blame]490 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
Shawn Willdenffd790c2014-08-18 21:20:06 -0600[diff] [blame]491 const char message[] = "12345678901234567890123456789012";
Shawn Willdend05cba52014-09-26 09:58:12 -0600[diff] [blame]492 SignMessage(message, array_size(message) - 1);
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]493}
494
Shawn Willdend63e3052015-01-20 11:45:07 -0700[diff] [blame]495TEST_F(SigningOperationsTest, DsaSuccess) {
496 GenerateKey(KM_ALGORITHM_DSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
497 const char message[] = "123456789012345678901234567890123456789012345678";
498 SignMessage(message, array_size(message) - 1);
499}
500
Shawn Willden5ac2f8f2014-08-18 15:33:10 -0600[diff] [blame]501TEST_F(SigningOperationsTest, EcdsaSuccess) {
Shawn Willden8c856c82014-09-26 09:34:36 -0600[diff] [blame]502 GenerateKey(KM_ALGORITHM_ECDSA, KM_DIGEST_NONE, KM_PAD_NONE, 224 /* key size */);
Shawn Willdend05cba52014-09-26 09:58:12 -0600[diff] [blame]503 const char message[] = "123456789012345678901234567890123456789012345678";
504 SignMessage(message, array_size(message) - 1);
Shawn Willden5ac2f8f2014-08-18 15:33:10 -0600[diff] [blame]505}
506
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]507TEST_F(SigningOperationsTest, RsaAbort) {
Shawn Willden61644f32014-08-18 13:43:14 -0600[diff] [blame]508 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]509
510 BeginOperationRequest begin_request;
511 BeginOperationResponse begin_response;
Shawn Willden61644f32014-08-18 13:43:14 -0600[diff] [blame]512 begin_request.SetKeyMaterial(key_blob());
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]513 begin_request.purpose = KM_PURPOSE_SIGN;
Shawn Willden61644f32014-08-18 13:43:14 -0600[diff] [blame]514 AddClientParams(&begin_request.additional_params);
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]515
516 device.BeginOperation(begin_request, &begin_response);
517 ASSERT_EQ(KM_ERROR_OK, begin_response.error);
518
519 EXPECT_EQ(KM_ERROR_OK, device.AbortOperation(begin_response.op_handle));
520
521 // Another abort should fail
522 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
523}
524
525TEST_F(SigningOperationsTest, RsaUnsupportedDigest) {
Shawn Willden61644f32014-08-18 13:43:14 -0600[diff] [blame]526 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_SHA_2_256, KM_PAD_NONE, 256 /* key size */);
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]527
528 BeginOperationRequest begin_request;
529 BeginOperationResponse begin_response;
530 begin_request.purpose = KM_PURPOSE_SIGN;
Shawn Willden61644f32014-08-18 13:43:14 -0600[diff] [blame]531 begin_request.SetKeyMaterial(key_blob());
532 AddClientParams(&begin_request.additional_params);
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]533
534 device.BeginOperation(begin_request, &begin_response);
535 ASSERT_EQ(KM_ERROR_UNSUPPORTED_DIGEST, begin_response.error);
536
537 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
538}
539
540TEST_F(SigningOperationsTest, RsaUnsupportedPadding) {
Shawn Willden61644f32014-08-18 13:43:14 -0600[diff] [blame]541 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_RSA_OAEP, 256 /* key size */);
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]542
543 BeginOperationRequest begin_request;
544 BeginOperationResponse begin_response;
545 begin_request.purpose = KM_PURPOSE_SIGN;
Shawn Willden61644f32014-08-18 13:43:14 -0600[diff] [blame]546 begin_request.SetKeyMaterial(key_blob());
547 AddClientParams(&begin_request.additional_params);
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]548
549 device.BeginOperation(begin_request, &begin_response);
550 ASSERT_EQ(KM_ERROR_UNSUPPORTED_PADDING_MODE, begin_response.error);
551
552 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
553}
554
555TEST_F(SigningOperationsTest, RsaNoDigest) {
Shawn Willden61644f32014-08-18 13:43:14 -0600[diff] [blame]556 GenerateKey(KM_ALGORITHM_RSA, static_cast<keymaster_digest_t>(-1), KM_PAD_NONE,
557 256 /* key size */);
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]558
559 BeginOperationRequest begin_request;
560 BeginOperationResponse begin_response;
561 begin_request.purpose = KM_PURPOSE_SIGN;
Shawn Willden61644f32014-08-18 13:43:14 -0600[diff] [blame]562 begin_request.SetKeyMaterial(key_blob());
563 AddClientParams(&begin_request.additional_params);
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]564
565 device.BeginOperation(begin_request, &begin_response);
566 ASSERT_EQ(KM_ERROR_UNSUPPORTED_DIGEST, begin_response.error);
567
568 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
569}
570
571TEST_F(SigningOperationsTest, RsaNoPadding) {
Shawn Willden61644f32014-08-18 13:43:14 -0600[diff] [blame]572 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, static_cast<keymaster_padding_t>(-1),
573 256 /* key size */);
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]574
575 BeginOperationRequest begin_request;
576 BeginOperationResponse begin_response;
577 begin_request.purpose = KM_PURPOSE_SIGN;
Shawn Willden61644f32014-08-18 13:43:14 -0600[diff] [blame]578 begin_request.SetKeyMaterial(key_blob());
579 AddClientParams(&begin_request.additional_params);
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]580
581 device.BeginOperation(begin_request, &begin_response);
582 ASSERT_EQ(KM_ERROR_UNSUPPORTED_PADDING_MODE, begin_response.error);
583
584 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
585}
586
587TEST_F(SigningOperationsTest, RsaTooShortMessage) {
Shawn Willden61644f32014-08-18 13:43:14 -0600[diff] [blame]588 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]589
590 BeginOperationRequest begin_request;
591 BeginOperationResponse begin_response;
Shawn Willden61644f32014-08-18 13:43:14 -0600[diff] [blame]592 begin_request.SetKeyMaterial(key_blob());
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]593 begin_request.purpose = KM_PURPOSE_SIGN;
Shawn Willden61644f32014-08-18 13:43:14 -0600[diff] [blame]594 AddClientParams(&begin_request.additional_params);
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]595
596 device.BeginOperation(begin_request, &begin_response);
597 ASSERT_EQ(KM_ERROR_OK, begin_response.error);
598
599 UpdateOperationRequest update_request;
600 UpdateOperationResponse update_response;
601 update_request.op_handle = begin_response.op_handle;
602 update_request.input.Reinitialize("01234567890123456789012345678901", 31);
603 EXPECT_EQ(31U, update_request.input.available_read());
604
605 device.UpdateOperation(update_request, &update_response);
606 ASSERT_EQ(KM_ERROR_OK, update_response.error);
607 EXPECT_EQ(0U, update_response.output.available_read());
608
Shawn Willden43e999e2014-08-13 13:29:50 -0600[diff] [blame]609 FinishOperationRequest finish_request;
610 finish_request.op_handle = begin_response.op_handle;
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]611 FinishOperationResponse finish_response;
Shawn Willden43e999e2014-08-13 13:29:50 -0600[diff] [blame]612 device.FinishOperation(finish_request, &finish_response);
Shawn Willden00aa7942014-09-10 07:57:43 -0600[diff] [blame]613 ASSERT_EQ(KM_ERROR_UNKNOWN_ERROR, finish_response.error);
Shawn Willden43e999e2014-08-13 13:29:50 -0600[diff] [blame]614 EXPECT_EQ(0U, finish_response.output.available_read());
615
616 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
617}
618
Shawn Willdend05cba52014-09-26 09:58:12 -0600[diff] [blame]619class VerificationOperationsTest : public SigningOperationsTest {
620 protected:
621 void VerifyMessage(const void* message, size_t message_len) {
622 VerifyMessage(generate_response_.key_blob, message, message_len);
623 }
624
625 void VerifyMessage(const keymaster_key_blob_t& key_blob, const void* message,
626 size_t message_len) {
627 ASSERT_TRUE(signature() != NULL);
628
629 BeginOperationRequest begin_request;
630 BeginOperationResponse begin_response;
631 begin_request.SetKeyMaterial(key_blob);
632 begin_request.purpose = KM_PURPOSE_VERIFY;
633 AddClientParams(&begin_request.additional_params);
634
635 device.BeginOperation(begin_request, &begin_response);
636 ASSERT_EQ(KM_ERROR_OK, begin_response.error);
637
638 UpdateOperationRequest update_request;
639 UpdateOperationResponse update_response;
640 update_request.op_handle = begin_response.op_handle;
641 update_request.input.Reinitialize(message, message_len);
642 EXPECT_EQ(message_len, update_request.input.available_read());
643
644 device.UpdateOperation(update_request, &update_response);
645 ASSERT_EQ(KM_ERROR_OK, update_response.error);
646 EXPECT_EQ(0U, update_response.output.available_read());
647
648 FinishOperationRequest finish_request;
649 finish_request.op_handle = begin_response.op_handle;
650 finish_request.signature.Reinitialize(*signature());
651 FinishOperationResponse finish_response;
652 device.FinishOperation(finish_request, &finish_response);
653 ASSERT_EQ(KM_ERROR_OK, finish_response.error);
654 EXPECT_EQ(0U, finish_response.output.available_read());
655
656 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE,
657 device.AbortOperation(begin_response.op_handle));
658 }
659};
660
Shawn Willden43e999e2014-08-13 13:29:50 -0600[diff] [blame]661TEST_F(VerificationOperationsTest, RsaSuccess) {
Shawn Willden61644f32014-08-18 13:43:14 -0600[diff] [blame]662 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
663 const char message[] = "12345678901234567890123456789012";
664 SignMessage(message, array_size(message) - 1);
Shawn Willdend05cba52014-09-26 09:58:12 -0600[diff] [blame]665 VerifyMessage(message, array_size(message) - 1);
Shawn Willden1615f2e2014-08-13 10:37:40 -0600[diff] [blame]666}
667
Shawn Willdend63e3052015-01-20 11:45:07 -0700[diff] [blame]668TEST_F(VerificationOperationsTest, DsaSuccess) {
669 GenerateKey(KM_ALGORITHM_DSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
670 const char message[] = "123456789012345678901234567890123456789012345678";
671 SignMessage(message, array_size(message) - 1);
672 VerifyMessage(message, array_size(message) - 1);
673}
674
Shawn Willden5ac2f8f2014-08-18 15:33:10 -0600[diff] [blame]675TEST_F(VerificationOperationsTest, EcdsaSuccess) {
Shawn Willden8c856c82014-09-26 09:34:36 -0600[diff] [blame]676 GenerateKey(KM_ALGORITHM_ECDSA, KM_DIGEST_NONE, KM_PAD_NONE, 224 /* key size */);
Shawn Willden5ac2f8f2014-08-18 15:33:10 -0600[diff] [blame]677 const char message[] = "123456789012345678901234567890123456789012345678";
678 SignMessage(message, array_size(message) - 1);
Shawn Willdend05cba52014-09-26 09:58:12 -0600[diff] [blame]679 VerifyMessage(message, array_size(message) - 1);
Shawn Willden5ac2f8f2014-08-18 15:33:10 -0600[diff] [blame]680}
681
Shawn Willdenffd790c2014-08-18 21:20:06 -0600[diff] [blame]682typedef SigningOperationsTest ExportKeyTest;
683TEST_F(ExportKeyTest, RsaSuccess) {
684 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
Shawn Willdenffd790c2014-08-18 21:20:06 -0600[diff] [blame]685
686 ExportKeyRequest request;
687 ExportKeyResponse response;
688 AddClientParams(&request.additional_params);
689 request.key_format = KM_KEY_FORMAT_X509;
690 request.SetKeyMaterial(key_blob());
691
692 device.ExportKey(request, &response);
693 ASSERT_EQ(KM_ERROR_OK, response.error);
694 EXPECT_TRUE(response.key_data != NULL);
Shawn Willdene46a43f2014-08-27 10:35:36 -0600[diff] [blame]695
696 // TODO(swillden): Verify that the exported key is actually usable to verify signatures.
Shawn Willdenffd790c2014-08-18 21:20:06 -0600[diff] [blame]697}
698
Shawn Willdend63e3052015-01-20 11:45:07 -0700[diff] [blame]699TEST_F(ExportKeyTest, DsaSuccess) {
700 GenerateKey(KM_ALGORITHM_DSA, KM_DIGEST_NONE, KM_PAD_NONE, 1024 /* key size */);
701
702 ExportKeyRequest request;
703 ExportKeyResponse response;
704 AddClientParams(&request.additional_params);
705 request.key_format = KM_KEY_FORMAT_X509;
706 request.SetKeyMaterial(key_blob());
707
708 device.ExportKey(request, &response);
709 ASSERT_EQ(KM_ERROR_OK, response.error);
710 EXPECT_TRUE(response.key_data != NULL);
711
712 // TODO(swillden): Verify that the exported key is actually usable to verify signatures.
713}
714
Shawn Willdenf268d742014-08-19 15:36:26 -0600[diff] [blame]715TEST_F(ExportKeyTest, EcdsaSuccess) {
Shawn Willden8c856c82014-09-26 09:34:36 -0600[diff] [blame]716 GenerateKey(KM_ALGORITHM_ECDSA, KM_DIGEST_NONE, KM_PAD_NONE, 224 /* key size */);
Shawn Willdenf268d742014-08-19 15:36:26 -0600[diff] [blame]717
718 ExportKeyRequest request;
719 ExportKeyResponse response;
720 AddClientParams(&request.additional_params);
721 request.key_format = KM_KEY_FORMAT_X509;
722 request.SetKeyMaterial(key_blob());
723
724 device.ExportKey(request, &response);
725 ASSERT_EQ(KM_ERROR_OK, response.error);
726 EXPECT_TRUE(response.key_data != NULL);
Shawn Willdene46a43f2014-08-27 10:35:36 -0600[diff] [blame]727
728 // TODO(swillden): Verify that the exported key is actually usable to verify signatures.
Shawn Willdenf268d742014-08-19 15:36:26 -0600[diff] [blame]729}
730
731TEST_F(ExportKeyTest, RsaUnsupportedKeyFormat) {
732 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256);
733
734 ExportKeyRequest request;
735 ExportKeyResponse response;
736 AddClientParams(&request.additional_params);
737
738 /* We have no other defined export formats defined. */
739 request.key_format = KM_KEY_FORMAT_PKCS8;
740 request.SetKeyMaterial(key_blob());
741
742 device.ExportKey(request, &response);
743 ASSERT_EQ(KM_ERROR_UNSUPPORTED_KEY_FORMAT, response.error);
744 EXPECT_TRUE(response.key_data == NULL);
745}
746
747TEST_F(ExportKeyTest, RsaCorruptedKeyBlob) {
748 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256);
749
750 ExportKeyRequest request;
751 ExportKeyResponse response;
752 AddClientParams(&request.additional_params);
753 request.key_format = KM_KEY_FORMAT_X509;
754 request.SetKeyMaterial(corrupt_key_blob());
755
756 device.ExportKey(request, &response);
757 ASSERT_EQ(KM_ERROR_INVALID_KEY_BLOB, response.error);
758 ASSERT_TRUE(response.key_data == NULL);
759}
760
Shawn Willden437fbd12014-08-20 11:59:49 -0600[diff] [blame]761static string read_file(const string& file_name) {
762 ifstream file_stream(file_name, std::ios::binary);
763 istreambuf_iterator<char> file_begin(file_stream);
764 istreambuf_iterator<char> file_end;
765 return string(file_begin, file_end);
766}
767
Shawn Willdend05cba52014-09-26 09:58:12 -0600[diff] [blame]768typedef VerificationOperationsTest ImportKeyTest;
Shawn Willden437fbd12014-08-20 11:59:49 -0600[diff] [blame]769TEST_F(ImportKeyTest, RsaSuccess) {
770 keymaster_key_param_t params[] = {
Shawn Willden3809b932014-12-02 06:59:46 -0700[diff] [blame]771 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
772 Authorization(TAG_DIGEST, KM_DIGEST_NONE), Authorization(TAG_PADDING, KM_PAD_NONE),
773 Authorization(TAG_USER_ID, 7), Authorization(TAG_USER_AUTH_ID, 8),
774 Authorization(TAG_APPLICATION_ID, "app_id", 6), Authorization(TAG_AUTH_TIMEOUT, 300),
Shawn Willden437fbd12014-08-20 11:59:49 -0600[diff] [blame]775 };
776
Shawn Willden81effc62014-08-27 10:08:46 -0600[diff] [blame]777 string pk8_key = read_file("rsa_privkey_pk8.der");
Shawn Willden437fbd12014-08-20 11:59:49 -0600[diff] [blame]778 ASSERT_EQ(633U, pk8_key.size());
779
780 ImportKeyRequest import_request;
781 import_request.key_description.Reinitialize(params, array_length(params));
782 import_request.key_format = KM_KEY_FORMAT_PKCS8;
783 import_request.SetKeyMaterial(pk8_key.data(), pk8_key.size());
784
785 ImportKeyResponse import_response;
786 device.ImportKey(import_request, &import_response);
787 ASSERT_EQ(KM_ERROR_OK, import_response.error);
788 EXPECT_EQ(0U, import_response.enforced.size());
789 EXPECT_GT(import_response.unenforced.size(), 0U);
790
791 // Check values derived from the key.
792 EXPECT_TRUE(contains(import_response.unenforced, TAG_ALGORITHM, KM_ALGORITHM_RSA));
793 EXPECT_TRUE(contains(import_response.unenforced, TAG_KEY_SIZE, 1024));
794 EXPECT_TRUE(contains(import_response.unenforced, TAG_RSA_PUBLIC_EXPONENT, 65537U));
795
796 // And values provided by GoogleKeymaster
797 EXPECT_TRUE(contains(import_response.unenforced, TAG_ORIGIN, KM_ORIGIN_IMPORTED));
798 EXPECT_TRUE(contains(import_response.unenforced, KM_TAG_CREATION_DATETIME));
799
800 size_t message_len = 1024 / 8;
801 UniquePtr<uint8_t[]> message(new uint8_t[message_len]);
802 std::fill(message.get(), message.get() + message_len, 'a');
803 SignMessage(import_response.key_blob, message.get(), message_len);
804 ASSERT_TRUE(signature() != NULL);
Shawn Willdend05cba52014-09-26 09:58:12 -0600[diff] [blame]805 VerifyMessage(import_response.key_blob, message.get(), message_len);
Shawn Willden437fbd12014-08-20 11:59:49 -0600[diff] [blame]806}
807
Shawn Willden6bbe6782014-09-18 11:26:15 -0600[diff] [blame]808TEST_F(ImportKeyTest, RsaKeySizeMismatch) {
809 keymaster_key_param_t params[] = {
Shawn Willden3809b932014-12-02 06:59:46 -0700[diff] [blame]810 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
811 Authorization(TAG_DIGEST, KM_DIGEST_NONE), Authorization(TAG_PADDING, KM_PAD_NONE),
Shawn Willden6bbe6782014-09-18 11:26:15 -0600[diff] [blame]812 Authorization(TAG_KEY_SIZE, 2048), // Doesn't match key
Shawn Willden3809b932014-12-02 06:59:46 -0700[diff] [blame]813 Authorization(TAG_USER_ID, 7), Authorization(TAG_USER_AUTH_ID, 8),
814 Authorization(TAG_APPLICATION_ID, "app_id", 6), Authorization(TAG_AUTH_TIMEOUT, 300),
Shawn Willden6bbe6782014-09-18 11:26:15 -0600[diff] [blame]815 };
816
817 string pk8_key = read_file("rsa_privkey_pk8.der");
818 ASSERT_EQ(633U, pk8_key.size());
819
820 ImportKeyRequest import_request;
821 import_request.key_description.Reinitialize(params, array_length(params));
822 import_request.key_format = KM_KEY_FORMAT_PKCS8;
823 import_request.SetKeyMaterial(pk8_key.data(), pk8_key.size());
824
825 ImportKeyResponse import_response;
826 device.ImportKey(import_request, &import_response);
827 ASSERT_EQ(KM_ERROR_IMPORT_PARAMETER_MISMATCH, import_response.error);
828}
829
830TEST_F(ImportKeyTest, RsaPublicExponenMismatch) {
831 keymaster_key_param_t params[] = {
832 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
Shawn Willden3809b932014-12-02 06:59:46 -0700[diff] [blame]833 Authorization(TAG_DIGEST, KM_DIGEST_NONE), Authorization(TAG_PADDING, KM_PAD_NONE),
834 Authorization(TAG_RSA_PUBLIC_EXPONENT, 3), Authorization(TAG_USER_ID, 7),
835 Authorization(TAG_USER_AUTH_ID, 8), Authorization(TAG_APPLICATION_ID, "app_id", 6),
Shawn Willden6bbe6782014-09-18 11:26:15 -0600[diff] [blame]836 Authorization(TAG_AUTH_TIMEOUT, 300),
837 };
838
839 string pk8_key = read_file("rsa_privkey_pk8.der");
840 ASSERT_EQ(633U, pk8_key.size());
841
842 ImportKeyRequest import_request;
843 import_request.key_description.Reinitialize(params, array_length(params));
844 import_request.key_format = KM_KEY_FORMAT_PKCS8;
845 import_request.SetKeyMaterial(pk8_key.data(), pk8_key.size());
846
847 ImportKeyResponse import_response;
848 device.ImportKey(import_request, &import_response);
849 ASSERT_EQ(KM_ERROR_IMPORT_PARAMETER_MISMATCH, import_response.error);
850}
851
Shawn Willdend63e3052015-01-20 11:45:07 -0700[diff] [blame]852TEST_F(ImportKeyTest, DsaSuccess) {
853 keymaster_key_param_t params[] = {
854 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
855 Authorization(TAG_DIGEST, KM_DIGEST_NONE), Authorization(TAG_PADDING, KM_PAD_NONE),
856 Authorization(TAG_USER_ID, 7), Authorization(TAG_USER_AUTH_ID, 8),
857 Authorization(TAG_APPLICATION_ID, "app_id", 6), Authorization(TAG_AUTH_TIMEOUT, 300),
858 };
859
860 string pk8_key = read_file("dsa_privkey_pk8.der");
861 ASSERT_EQ(335U, pk8_key.size());
862
863 ImportKeyRequest import_request;
864 import_request.key_description.Reinitialize(params, array_length(params));
865 import_request.key_format = KM_KEY_FORMAT_PKCS8;
866 import_request.SetKeyMaterial(pk8_key.data(), pk8_key.size());
867
868 ImportKeyResponse import_response;
869 device.ImportKey(import_request, &import_response);
870 ASSERT_EQ(KM_ERROR_OK, import_response.error);
871 EXPECT_EQ(0U, import_response.enforced.size());
872 EXPECT_GT(import_response.unenforced.size(), 0U);
873
874 // Check values derived from the key.
875 EXPECT_TRUE(contains(import_response.unenforced, TAG_ALGORITHM, KM_ALGORITHM_DSA));
876 EXPECT_TRUE(contains(import_response.unenforced, TAG_KEY_SIZE, 1024));
877
878 // And values provided by GoogleKeymaster
879 EXPECT_TRUE(contains(import_response.unenforced, TAG_ORIGIN, KM_ORIGIN_IMPORTED));
880 EXPECT_TRUE(contains(import_response.unenforced, KM_TAG_CREATION_DATETIME));
881
882 size_t message_len = 48;
883 UniquePtr<uint8_t[]> message(new uint8_t[message_len]);
884 std::fill(message.get(), message.get() + message_len, 'a');
885 SignMessage(import_response.key_blob, message.get(), message_len);
886 ASSERT_TRUE(signature() != NULL);
887 VerifyMessage(import_response.key_blob, message.get(), message_len);
888}
889
890TEST_F(ImportKeyTest, DsaParametersMatch) {
891 keymaster_key_param_t params[] = {
892 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
893 Authorization(TAG_DIGEST, KM_DIGEST_NONE), Authorization(TAG_PADDING, KM_PAD_NONE),
894 Authorization(TAG_USER_ID, 7), Authorization(TAG_USER_AUTH_ID, 8),
895 Authorization(TAG_APPLICATION_ID, "app_id", 6), Authorization(TAG_AUTH_TIMEOUT, 300),
896 Authorization(TAG_KEY_SIZE, 1024),
897 Authorization(TAG_DSA_GENERATOR, dsa_g, array_size(dsa_g)),
898 Authorization(TAG_DSA_P, dsa_p, array_size(dsa_p)),
899 Authorization(TAG_DSA_Q, dsa_q, array_size(dsa_q)),
900 };
901
902 string pk8_key = read_file("dsa_privkey_pk8.der");
903 ASSERT_EQ(335U, pk8_key.size());
904
905 ImportKeyRequest import_request;
906 import_request.key_description.Reinitialize(params, array_length(params));
907 import_request.key_format = KM_KEY_FORMAT_PKCS8;
908 import_request.SetKeyMaterial(pk8_key.data(), pk8_key.size());
909
910 ImportKeyResponse import_response;
911 device.ImportKey(import_request, &import_response);
912 ASSERT_EQ(KM_ERROR_OK, import_response.error);
913 EXPECT_EQ(0U, import_response.enforced.size());
914 EXPECT_GT(import_response.unenforced.size(), 0U);
915
916 // Check values derived from the key.
917 EXPECT_TRUE(contains(import_response.unenforced, TAG_ALGORITHM, KM_ALGORITHM_DSA));
918 EXPECT_TRUE(contains(import_response.unenforced, TAG_KEY_SIZE, 1024));
919
920 // And values provided by GoogleKeymaster
921 EXPECT_TRUE(contains(import_response.unenforced, TAG_ORIGIN, KM_ORIGIN_IMPORTED));
922 EXPECT_TRUE(contains(import_response.unenforced, KM_TAG_CREATION_DATETIME));
923
924 size_t message_len = 48;
925 UniquePtr<uint8_t[]> message(new uint8_t[message_len]);
926 std::fill(message.get(), message.get() + message_len, 'a');
927 SignMessage(import_response.key_blob, message.get(), message_len);
928 ASSERT_TRUE(signature() != NULL);
929 VerifyMessage(import_response.key_blob, message.get(), message_len);
930}
931
932uint8_t dsa_wrong_q[] = {
933 0xC0, 0x66, 0x64, 0xF9, 0x05, 0x38, 0x64, 0x38, 0x4A, 0x17,
934 0x66, 0x79, 0xDD, 0x7F, 0x6E, 0x55, 0x22, 0x2A, 0xDF, 0xC5,
935};
936
937TEST_F(ImportKeyTest, DsaParameterMismatch) {
938 keymaster_key_param_t params[] = {
939 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
940 Authorization(TAG_DIGEST, KM_DIGEST_NONE), Authorization(TAG_PADDING, KM_PAD_NONE),
941 Authorization(TAG_USER_ID, 7), Authorization(TAG_USER_AUTH_ID, 8),
942 Authorization(TAG_APPLICATION_ID, "app_id", 6), Authorization(TAG_AUTH_TIMEOUT, 300),
943 Authorization(TAG_KEY_SIZE, 1024),
944 Authorization(TAG_DSA_Q, dsa_wrong_q, array_size(dsa_wrong_q)),
945 };
946
947 string pk8_key = read_file("dsa_privkey_pk8.der");
948 ASSERT_EQ(335U, pk8_key.size());
949
950 ImportKeyRequest import_request;
951 import_request.key_description.Reinitialize(params, array_length(params));
952 import_request.key_format = KM_KEY_FORMAT_PKCS8;
953 import_request.SetKeyMaterial(pk8_key.data(), pk8_key.size());
954
955 ImportKeyResponse import_response;
956 device.ImportKey(import_request, &import_response);
957 ASSERT_EQ(KM_ERROR_IMPORT_PARAMETER_MISMATCH, import_response.error);
958}
959
960TEST_F(ImportKeyTest, DsaKeySizeMismatch) {
961 keymaster_key_param_t params[] = {
962 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
963 Authorization(TAG_DIGEST, KM_DIGEST_NONE), Authorization(TAG_PADDING, KM_PAD_NONE),
964 Authorization(TAG_USER_ID, 7), Authorization(TAG_USER_AUTH_ID, 8),
965 Authorization(TAG_APPLICATION_ID, "app_id", 6), Authorization(TAG_AUTH_TIMEOUT, 300),
966 Authorization(TAG_KEY_SIZE, 2048),
967 };
968
969 string pk8_key = read_file("dsa_privkey_pk8.der");
970 ASSERT_EQ(335U, pk8_key.size());
971
972 ImportKeyRequest import_request;
973 import_request.key_description.Reinitialize(params, array_length(params));
974 import_request.key_format = KM_KEY_FORMAT_PKCS8;
975 import_request.SetKeyMaterial(pk8_key.data(), pk8_key.size());
976
977 ImportKeyResponse import_response;
978 device.ImportKey(import_request, &import_response);
979 ASSERT_EQ(KM_ERROR_IMPORT_PARAMETER_MISMATCH, import_response.error);
980}
981
Shawn Willden81effc62014-08-27 10:08:46 -0600[diff] [blame]982TEST_F(ImportKeyTest, EcdsaSuccess) {
983 keymaster_key_param_t params[] = {
Shawn Willden3809b932014-12-02 06:59:46 -0700[diff] [blame]984 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
985 Authorization(TAG_DIGEST, KM_DIGEST_NONE), Authorization(TAG_PADDING, KM_PAD_NONE),
986 Authorization(TAG_USER_ID, 7), Authorization(TAG_USER_AUTH_ID, 8),
987 Authorization(TAG_APPLICATION_ID, "app_id", 6), Authorization(TAG_AUTH_TIMEOUT, 300),
Shawn Willden81effc62014-08-27 10:08:46 -0600[diff] [blame]988 };
989
990 string pk8_key = read_file("ec_privkey_pk8.der");
991 ASSERT_EQ(138U, pk8_key.size());
992
993 ImportKeyRequest import_request;
994 import_request.key_description.Reinitialize(params, array_length(params));
995 import_request.key_format = KM_KEY_FORMAT_PKCS8;
996 import_request.SetKeyMaterial(pk8_key.data(), pk8_key.size());
997
998 ImportKeyResponse import_response;
999 device.ImportKey(import_request, &import_response);
1000 ASSERT_EQ(KM_ERROR_OK, import_response.error);
1001 EXPECT_EQ(0U, import_response.enforced.size());
1002 EXPECT_GT(import_response.unenforced.size(), 0U);
1003
1004 // Check values derived from the key.
1005 EXPECT_TRUE(contains(import_response.unenforced, TAG_ALGORITHM, KM_ALGORITHM_ECDSA));
1006 EXPECT_TRUE(contains(import_response.unenforced, TAG_KEY_SIZE, 256));
1007
1008 // And values provided by GoogleKeymaster
1009 EXPECT_TRUE(contains(import_response.unenforced, TAG_ORIGIN, KM_ORIGIN_IMPORTED));
1010 EXPECT_TRUE(contains(import_response.unenforced, KM_TAG_CREATION_DATETIME));
1011
1012 size_t message_len = 1024 / 8;
1013 UniquePtr<uint8_t[]> message(new uint8_t[message_len]);
1014 std::fill(message.get(), message.get() + message_len, 'a');
1015 SignMessage(import_response.key_blob, message.get(), message_len);
1016 ASSERT_TRUE(signature() != NULL);
Shawn Willdend05cba52014-09-26 09:58:12 -0600[diff] [blame]1017 VerifyMessage(import_response.key_blob, message.get(), message_len);
Shawn Willden81effc62014-08-27 10:08:46 -0600[diff] [blame]1018}
1019
Shawn Willden6bbe6782014-09-18 11:26:15 -0600[diff] [blame]1020TEST_F(ImportKeyTest, EcdsaSizeSpecified) {
1021 keymaster_key_param_t params[] = {
Shawn Willden3809b932014-12-02 06:59:46 -0700[diff] [blame]1022 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
1023 Authorization(TAG_DIGEST, KM_DIGEST_NONE), Authorization(TAG_PADDING, KM_PAD_NONE),
1024 Authorization(TAG_USER_ID, 7), Authorization(TAG_USER_AUTH_ID, 8),
1025 Authorization(TAG_APPLICATION_ID, "app_id", 6), Authorization(TAG_AUTH_TIMEOUT, 300),
Shawn Willden6bbe6782014-09-18 11:26:15 -0600[diff] [blame]1026 Authorization(TAG_KEY_SIZE, 256),
1027 };
1028
1029 string pk8_key = read_file("ec_privkey_pk8.der");
1030 ASSERT_EQ(138U, pk8_key.size());
1031
1032 ImportKeyRequest import_request;
1033 import_request.key_description.Reinitialize(params, array_length(params));
1034 import_request.key_format = KM_KEY_FORMAT_PKCS8;
1035 import_request.SetKeyMaterial(pk8_key.data(), pk8_key.size());
1036
1037 ImportKeyResponse import_response;
1038 device.ImportKey(import_request, &import_response);
1039 ASSERT_EQ(KM_ERROR_OK, import_response.error);
1040 EXPECT_EQ(0U, import_response.enforced.size());
1041 EXPECT_GT(import_response.unenforced.size(), 0U);
1042
1043 // Check values derived from the key.
1044 EXPECT_TRUE(contains(import_response.unenforced, TAG_ALGORITHM, KM_ALGORITHM_ECDSA));
1045 EXPECT_TRUE(contains(import_response.unenforced, TAG_KEY_SIZE, 256));
1046
1047 // And values provided by GoogleKeymaster
1048 EXPECT_TRUE(contains(import_response.unenforced, TAG_ORIGIN, KM_ORIGIN_IMPORTED));
1049 EXPECT_TRUE(contains(import_response.unenforced, KM_TAG_CREATION_DATETIME));
1050
1051 size_t message_len = 1024 / 8;
1052 UniquePtr<uint8_t[]> message(new uint8_t[message_len]);
1053 std::fill(message.get(), message.get() + message_len, 'a');
1054 SignMessage(import_response.key_blob, message.get(), message_len);
1055 ASSERT_TRUE(signature() != NULL);
Shawn Willdend05cba52014-09-26 09:58:12 -0600[diff] [blame]1056 VerifyMessage(import_response.key_blob, message.get(), message_len);
Shawn Willden6bbe6782014-09-18 11:26:15 -0600[diff] [blame]1057}
1058
1059TEST_F(ImportKeyTest, EcdsaSizeMismatch) {
1060 keymaster_key_param_t params[] = {
Shawn Willden3809b932014-12-02 06:59:46 -0700[diff] [blame]1061 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
1062 Authorization(TAG_DIGEST, KM_DIGEST_NONE), Authorization(TAG_PADDING, KM_PAD_NONE),
1063 Authorization(TAG_USER_ID, 7), Authorization(TAG_USER_AUTH_ID, 8),
1064 Authorization(TAG_APPLICATION_ID, "app_id", 6), Authorization(TAG_AUTH_TIMEOUT, 300),
Shawn Willden8c856c82014-09-26 09:34:36 -0600[diff] [blame]1065 Authorization(TAG_KEY_SIZE, 224),
Shawn Willden6bbe6782014-09-18 11:26:15 -0600[diff] [blame]1066 };
1067
1068 string pk8_key = read_file("ec_privkey_pk8.der");
1069 ASSERT_EQ(138U, pk8_key.size());
1070
1071 ImportKeyRequest import_request;
1072 import_request.key_description.Reinitialize(params, array_length(params));
1073 import_request.key_format = KM_KEY_FORMAT_PKCS8;
1074 import_request.SetKeyMaterial(pk8_key.data(), pk8_key.size());
1075
1076 ImportKeyResponse import_response;
1077 device.ImportKey(import_request, &import_response);
1078 ASSERT_EQ(KM_ERROR_IMPORT_PARAMETER_MISMATCH, import_response.error);
1079}
1080
Shawn Willden2665e862014-11-24 14:46:21 -0700[diff] [blame]1081typedef KeymasterTest VersionTest;
1082TEST_F(VersionTest, GetVersion) {
1083 GetVersionRequest req;
1084 GetVersionResponse rsp;
1085 device.GetVersion(req, &rsp);
1086 EXPECT_EQ(KM_ERROR_OK, rsp.error);
1087 EXPECT_EQ(1, rsp.major_ver);
1088 EXPECT_EQ(0, rsp.minor_ver);
1089 EXPECT_EQ(0, rsp.subminor_ver);
1090}
1091
Shawn Willden4200f212014-12-02 07:01:21 -0700[diff] [blame^]1092/**
1093 * Test class that provides some infrastructure for generating keys and encrypting messages.
1094 */
1095class EncryptionOperationsTest : public KeymasterTest {
1096 protected:
1097 void GenerateKey(keymaster_algorithm_t algorithm, keymaster_padding_t padding,
1098 uint32_t key_size) {
1099 keymaster_key_param_t params[] = {
1100 Authorization(TAG_PURPOSE, KM_PURPOSE_ENCRYPT),
1101 Authorization(TAG_PURPOSE, KM_PURPOSE_DECRYPT), Authorization(TAG_ALGORITHM, algorithm),
1102 Authorization(TAG_KEY_SIZE, key_size), Authorization(TAG_USER_ID, 7),
1103 Authorization(TAG_USER_AUTH_ID, 8), Authorization(TAG_APPLICATION_ID, "app_id", 6),
1104 Authorization(TAG_AUTH_TIMEOUT, 300),
1105 };
1106 GenerateKeyRequest generate_request;
1107 generate_request.key_description.Reinitialize(params, array_length(params));
1108 if (static_cast<int>(padding) != -1)
1109 generate_request.key_description.push_back(TAG_PADDING, padding);
1110 device.GenerateKey(generate_request, &generate_response_);
1111 EXPECT_EQ(KM_ERROR_OK, generate_response_.error);
1112 }
1113
1114 keymaster_error_t BeginOperation(keymaster_purpose_t purpose,
1115 const keymaster_key_blob_t& key_blob, uint64_t* op_handle) {
1116 BeginOperationRequest begin_request;
1117 begin_request.SetKeyMaterial(key_blob);
1118 begin_request.purpose = purpose;
1119 AddClientParams(&begin_request.additional_params);
1120
1121 BeginOperationResponse begin_response;
1122 device.BeginOperation(begin_request, &begin_response);
1123 *op_handle = begin_response.op_handle;
1124 return begin_response.error;
1125 }
1126
1127 keymaster_error_t UpdateOperation(uint64_t op_handle, const void* message, size_t size,
1128 string* output) {
1129 UpdateOperationRequest update_request;
1130 update_request.op_handle = op_handle;
1131 update_request.input.Reinitialize(message, size);
1132
1133 UpdateOperationResponse update_response;
1134 device.UpdateOperation(update_request, &update_response);
1135 if (update_response.error == KM_ERROR_OK)
1136 output->append(reinterpret_cast<const char*>(update_response.output.peek_read()),
1137 update_response.output.available_read());
1138 return update_response.error;
1139 }
1140
1141 keymaster_error_t FinishOperation(uint64_t op_handle, string* output) {
1142 FinishOperationRequest finish_request;
1143 finish_request.op_handle = op_handle;
1144 FinishOperationResponse finish_response;
1145 device.FinishOperation(finish_request, &finish_response);
1146 if (finish_response.error == KM_ERROR_OK)
1147 output->append(reinterpret_cast<const char*>(finish_response.output.peek_read()),
1148 finish_response.output.available_read());
1149 return finish_response.error;
1150 }
1151
1152 string ProcessMessage(keymaster_purpose_t purpose, const keymaster_key_blob_t& key_blob,
1153 const void* message, size_t size) {
1154 uint64_t op_handle;
1155 EXPECT_EQ(KM_ERROR_OK, BeginOperation(purpose, key_blob, &op_handle));
1156
1157 string result;
1158 EXPECT_EQ(KM_ERROR_OK, UpdateOperation(op_handle, message, size, &result));
1159 EXPECT_EQ(KM_ERROR_OK, FinishOperation(op_handle, &result));
1160 return result;
1161 }
1162
1163 string EncryptMessage(const void* message, size_t size) {
1164 return ProcessMessage(KM_PURPOSE_ENCRYPT, generate_response_.key_blob, message, size);
1165 }
1166
1167 string DecryptMessage(const void* ciphertext, size_t size) {
1168 return ProcessMessage(KM_PURPOSE_DECRYPT, generate_response_.key_blob, ciphertext, size);
1169 }
1170
1171 void AddClientParams(AuthorizationSet* set) { set->push_back(TAG_APPLICATION_ID, "app_id", 6); }
1172
1173 const keymaster_key_blob_t& key_blob() { return generate_response_.key_blob; }
1174
1175 const keymaster_key_blob_t& corrupt_key_blob() {
1176 uint8_t* tmp = const_cast<uint8_t*>(generate_response_.key_blob.key_material);
1177 ++tmp[generate_response_.key_blob.key_material_size / 2];
1178 return generate_response_.key_blob;
1179 }
1180
1181 protected:
1182 GenerateKeyResponse generate_response_;
1183};
1184
1185TEST_F(EncryptionOperationsTest, RsaOaepSuccess) {
1186 GenerateKey(KM_ALGORITHM_RSA, KM_PAD_RSA_OAEP, 512);
1187 const char message[] = "Hello World!";
1188 string ciphertext1 = EncryptMessage(message, strlen(message));
1189 EXPECT_EQ(512 / 8, ciphertext1.size());
1190
1191 string ciphertext2 = EncryptMessage(message, strlen(message));
1192 EXPECT_EQ(512 / 8, ciphertext2.size());
1193
1194 // OAEP randomizes padding so every result should be different.
1195 EXPECT_NE(ciphertext1, ciphertext2);
1196}
1197
1198TEST_F(EncryptionOperationsTest, RsaOaepRoundTrip) {
1199 GenerateKey(KM_ALGORITHM_RSA, KM_PAD_RSA_OAEP, 512);
1200 const char message[] = "Hello World!";
1201 string ciphertext = EncryptMessage(message, strlen(message));
1202 EXPECT_EQ(512 / 8, ciphertext.size());
1203
1204 string plaintext = DecryptMessage(ciphertext.data(), ciphertext.size());
1205 EXPECT_EQ(message, plaintext);
1206}
1207
1208TEST_F(EncryptionOperationsTest, RsaOaepTooLarge) {
1209 GenerateKey(KM_ALGORITHM_RSA, KM_PAD_RSA_OAEP, 512);
1210 const char message[] = "12345678901234567890123";
1211 uint64_t op_handle;
1212 string result;
1213
1214 EXPECT_EQ(KM_ERROR_OK,
1215 BeginOperation(KM_PURPOSE_ENCRYPT, generate_response_.key_blob, &op_handle));
1216 EXPECT_EQ(KM_ERROR_OK, UpdateOperation(op_handle, message, array_size(message), &result));
1217 EXPECT_EQ(KM_ERROR_INVALID_INPUT_LENGTH, FinishOperation(op_handle, &result));
1218 EXPECT_EQ(0, result.size());
1219}
1220
1221TEST_F(EncryptionOperationsTest, RsaOaepCorruptedDecrypt) {
1222 GenerateKey(KM_ALGORITHM_RSA, KM_PAD_RSA_OAEP, 512);
1223 const char message[] = "Hello World!";
1224 string ciphertext = EncryptMessage(message, strlen(message));
1225 EXPECT_EQ(512 / 8, ciphertext.size());
1226
1227 // Corrupt the ciphertext
1228 ciphertext[512 / 8 / 2]++;
1229
1230 uint64_t op_handle;
1231 string result;
1232 EXPECT_EQ(KM_ERROR_OK,
1233 BeginOperation(KM_PURPOSE_DECRYPT, generate_response_.key_blob, &op_handle));
1234 EXPECT_EQ(KM_ERROR_OK,
1235 UpdateOperation(op_handle, ciphertext.data(), ciphertext.size(), &result));
1236 EXPECT_EQ(KM_ERROR_UNKNOWN_ERROR, FinishOperation(op_handle, &result));
1237 EXPECT_EQ(0, result.size());
1238}
1239
1240TEST_F(EncryptionOperationsTest, RsaPkcs1Success) {
1241 GenerateKey(KM_ALGORITHM_RSA, KM_PAD_RSA_PKCS1_1_5_ENCRYPT, 512);
1242 const char message[] = "Hello World!";
1243 string ciphertext1 = EncryptMessage(message, strlen(message));
1244 EXPECT_EQ(512 / 8, ciphertext1.size());
1245
1246 string ciphertext2 = EncryptMessage(message, strlen(message));
1247 EXPECT_EQ(512 / 8, ciphertext2.size());
1248
1249 // PKCS1 v1.5 randomizes padding so every result should be different.
1250 EXPECT_NE(ciphertext1, ciphertext2);
1251}
1252
1253TEST_F(EncryptionOperationsTest, RsaPkcs1RoundTrip) {
1254 GenerateKey(KM_ALGORITHM_RSA, KM_PAD_RSA_PKCS1_1_5_ENCRYPT, 512);
1255 const char message[] = "Hello World!";
1256 string ciphertext = EncryptMessage(message, strlen(message));
1257 EXPECT_EQ(512 / 8, ciphertext.size());
1258
1259 string plaintext = DecryptMessage(ciphertext.data(), ciphertext.size());
1260 EXPECT_EQ(message, plaintext);
1261}
1262
1263TEST_F(EncryptionOperationsTest, RsaPkcs1TooLarge) {
1264 GenerateKey(KM_ALGORITHM_RSA, KM_PAD_RSA_PKCS1_1_5_ENCRYPT, 512);
1265 const char message[] = "1234567890123456789012345678901234567890123456789012";
1266 uint64_t op_handle;
1267 string result;
1268
1269 EXPECT_EQ(KM_ERROR_OK,
1270 BeginOperation(KM_PURPOSE_ENCRYPT, generate_response_.key_blob, &op_handle));
1271 EXPECT_EQ(KM_ERROR_OK, UpdateOperation(op_handle, message, array_size(message), &result));
1272 EXPECT_EQ(KM_ERROR_INVALID_INPUT_LENGTH, FinishOperation(op_handle, &result));
1273 EXPECT_EQ(0, result.size());
1274}
1275
1276TEST_F(EncryptionOperationsTest, RsaPkcs1CorruptedDecrypt) {
1277 GenerateKey(KM_ALGORITHM_RSA, KM_PAD_RSA_PKCS1_1_5_ENCRYPT, 512);
1278 const char message[] = "Hello World!";
1279 string ciphertext = EncryptMessage(message, strlen(message));
1280 EXPECT_EQ(512 / 8, ciphertext.size());
1281
1282 // Corrupt the ciphertext
1283 ciphertext[512 / 8 / 2]++;
1284
1285 uint64_t op_handle;
1286 string result;
1287 EXPECT_EQ(KM_ERROR_OK,
1288 BeginOperation(KM_PURPOSE_DECRYPT, generate_response_.key_blob, &op_handle));
1289 EXPECT_EQ(KM_ERROR_OK,
1290 UpdateOperation(op_handle, ciphertext.data(), ciphertext.size(), &result));
1291 EXPECT_EQ(KM_ERROR_UNKNOWN_ERROR, FinishOperation(op_handle, &result));
1292 EXPECT_EQ(0, result.size());
1293}
1294
Shawn Willden128ffe02014-08-06 12:31:33 -0600[diff] [blame]1295} // namespace test
1296} // namespace keymaster