Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / system / keymaster / 7636471bd1c553ac179f0dddc17133491d0e1faf / . / authorization_set_test.cpp
blob: d8c01676db32daf6422105156b0f8975215822f6 [file] [log] [blame]
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]1/*
2 * Copyright (C) 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#include <gtest/gtest.h>
18
Shawn Willden834e8072014-08-09 16:38:53 -0600[diff] [blame]19#define KEYMASTER_NAME_TAGS
20
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]21#include "authorization_set.h"
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame^]22#include "google_keymaster_test_utils.h"
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]23#include "google_keymaster_utils.h"
24
25int main(int argc, char** argv) {
26 ::testing::InitGoogleTest(&argc, argv);
27 int result = RUN_ALL_TESTS();
28 return result;
29}
30
31namespace keymaster {
Shawn Willden834e8072014-08-09 16:38:53 -0600[diff] [blame]32
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]33namespace test {
34
35TEST(Construction, ListProvided) {
36 keymaster_key_param_t params[] = {
37 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
38 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
39 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
40 Authorization(TAG_USER_ID, 7),
41 Authorization(TAG_USER_AUTH_ID, 8),
42 Authorization(TAG_APPLICATION_ID, "my_app", 6),
43 Authorization(TAG_KEY_SIZE, 256),
44 Authorization(TAG_AUTH_TIMEOUT, 300),
45 };
46 AuthorizationSet set(params, array_length(params));
47 EXPECT_EQ(8U, set.size());
48}
49
Shawn Willden834e8072014-08-09 16:38:53 -0600[diff] [blame]50TEST(Construction, Copy) {
51 keymaster_key_param_t params[] = {
52 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
53 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
54 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
55 Authorization(TAG_USER_ID, 7),
56 Authorization(TAG_USER_AUTH_ID, 8),
57 Authorization(TAG_APPLICATION_ID, "my_app", 6),
58 Authorization(TAG_KEY_SIZE, 256),
59 Authorization(TAG_AUTH_TIMEOUT, 300),
60 };
61 AuthorizationSet set(params, array_length(params));
62 AuthorizationSet set2(set);
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame^]63 EXPECT_EQ(set, set2);
Shawn Willden834e8072014-08-09 16:38:53 -0600[diff] [blame]64}
65
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]66TEST(Lookup, NonRepeated) {
67 keymaster_key_param_t params[] = {
68 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
69 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
70 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
71 Authorization(TAG_USER_ID, 7),
72 Authorization(TAG_USER_AUTH_ID, 8),
73 Authorization(TAG_APPLICATION_ID, "my_app", 6),
74 Authorization(TAG_KEY_SIZE, 256),
75 Authorization(TAG_AUTH_TIMEOUT, 300),
76 };
77 AuthorizationSet set(params, array_length(params));
78 EXPECT_EQ(8U, set.size());
79
80 int pos = set.find(TAG_ALGORITHM);
81 ASSERT_NE(-1, pos);
82 EXPECT_EQ(KM_TAG_ALGORITHM, set[pos].tag);
83 EXPECT_EQ(KM_ALGORITHM_RSA, set[pos].enumerated);
84
85 pos = set.find(TAG_MAC_LENGTH);
86 EXPECT_EQ(-1, pos);
87
88 uint32_t int_val = 0;
89 EXPECT_TRUE(set.GetTagValue(TAG_USER_ID, &int_val));
90 EXPECT_EQ(7U, int_val);
91
92 keymaster_blob_t blob_val;
93 EXPECT_TRUE(set.GetTagValue(TAG_APPLICATION_ID, &blob_val));
94 EXPECT_EQ(6U, blob_val.data_length);
95 EXPECT_EQ(0, memcmp(blob_val.data, "my_app", 6));
96}
97
98TEST(Lookup, Repeated) {
99 keymaster_key_param_t params[] = {
100 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
101 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
102 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
103 Authorization(TAG_USER_ID, 7),
104 Authorization(TAG_USER_AUTH_ID, 8),
105 Authorization(TAG_APPLICATION_ID, "my_app", 6),
106 Authorization(TAG_KEY_SIZE, 256),
107 Authorization(TAG_AUTH_TIMEOUT, 300),
108 };
109 AuthorizationSet set(params, array_length(params));
110 EXPECT_EQ(8U, set.size());
111
112 int pos = set.find(TAG_PURPOSE);
113 ASSERT_FALSE(pos == -1);
114 EXPECT_EQ(KM_TAG_PURPOSE, set[pos].tag);
115 EXPECT_EQ(KM_PURPOSE_SIGN, set[pos].enumerated);
116
117 pos = set.find(TAG_PURPOSE, pos);
118 EXPECT_EQ(KM_TAG_PURPOSE, set[pos].tag);
119 EXPECT_EQ(KM_PURPOSE_VERIFY, set[pos].enumerated);
120
121 EXPECT_EQ(-1, set.find(TAG_PURPOSE, pos));
122}
123
124TEST(Lookup, Indexed) {
125 keymaster_key_param_t params[] = {
126 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
127 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
128 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
129 Authorization(TAG_USER_ID, 7),
130 Authorization(TAG_USER_AUTH_ID, 8),
131 Authorization(TAG_APPLICATION_ID, "my_app", 6),
132 Authorization(TAG_KEY_SIZE, 256),
133 Authorization(TAG_AUTH_TIMEOUT, 300),
134 };
135 AuthorizationSet set(params, array_length(params));
136 EXPECT_EQ(8U, set.size());
137
138 EXPECT_EQ(KM_TAG_PURPOSE, set[0].tag);
139 EXPECT_EQ(KM_PURPOSE_SIGN, set[0].enumerated);
140
141 // Lookup beyond end doesn't work, just returns zeros, but doens't blow up either (verify by
142 // running under valgrind).
143 EXPECT_EQ(KM_TAG_INVALID, set[10].tag);
144}
145
146TEST(Serialization, RoundTrip) {
147 keymaster_key_param_t params[] = {
148 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
149 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
150 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
151 Authorization(TAG_USER_ID, 7),
152 Authorization(TAG_USER_AUTH_ID, 8),
153 Authorization(TAG_APPLICATION_ID, "my_app", 6),
154 Authorization(TAG_KEY_SIZE, 256),
155 Authorization(TAG_AUTH_TIMEOUT, 300),
Shawn Willden834e8072014-08-09 16:38:53 -0600[diff] [blame]156 Authorization(TAG_ALL_USERS),
157 Authorization(TAG_RSA_PUBLIC_EXPONENT, 3),
158 Authorization(TAG_ACTIVE_DATETIME, 10),
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]159 };
160 AuthorizationSet set(params, array_length(params));
161
162 size_t size = set.SerializedSize();
163 EXPECT_TRUE(size > 0);
164
165 UniquePtr<uint8_t[]> buf(new uint8_t[size]);
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]166 EXPECT_EQ(buf.get() + size, set.Serialize(buf.get(), buf.get() + size));
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]167 AuthorizationSet deserialized(buf.get(), size);
168
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]169 EXPECT_EQ(AuthorizationSet::OK, deserialized.is_valid());
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame^]170 EXPECT_EQ(set, deserialized);
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]171
172 int pos = deserialized.find(TAG_APPLICATION_ID);
173 ASSERT_NE(-1, pos);
174 EXPECT_EQ(KM_TAG_APPLICATION_ID, deserialized[pos].tag);
175 EXPECT_EQ(6U, deserialized[pos].blob.data_length);
176 EXPECT_EQ(0, memcmp(deserialized[pos].blob.data, "my_app", 6));
177}
178
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]179TEST(Deserialization, Deserialize) {
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]180 keymaster_key_param_t params[] = {
181 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
182 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
183 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
184 Authorization(TAG_USER_ID, 7),
185 Authorization(TAG_USER_AUTH_ID, 8),
186 Authorization(TAG_APPLICATION_ID, "my_app", 6),
187 Authorization(TAG_KEY_SIZE, 256),
188 Authorization(TAG_AUTH_TIMEOUT, 300),
189 };
190 AuthorizationSet set(params, array_length(params));
191
192 size_t size = set.SerializedSize();
193 EXPECT_TRUE(size > 0);
194
195 UniquePtr<uint8_t[]> buf(new uint8_t[size]);
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]196 EXPECT_EQ(buf.get() + size, set.Serialize(buf.get(), buf.get() + size));
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]197 AuthorizationSet deserialized;
198 const uint8_t* p = buf.get();
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]199 EXPECT_TRUE(deserialized.Deserialize(&p, p + size));
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]200 EXPECT_EQ(p, buf.get() + size);
201
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]202 EXPECT_EQ(AuthorizationSet::OK, deserialized.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]203
204 EXPECT_EQ(set.size(), deserialized.size());
205 for (size_t i = 0; i < set.size(); ++i) {
206 EXPECT_EQ(set[i].tag, deserialized[i].tag);
207 }
208
209 int pos = deserialized.find(TAG_APPLICATION_ID);
210 ASSERT_NE(-1, pos);
211 EXPECT_EQ(KM_TAG_APPLICATION_ID, deserialized[pos].tag);
212 EXPECT_EQ(6U, deserialized[pos].blob.data_length);
213 EXPECT_EQ(0, memcmp(deserialized[pos].blob.data, "my_app", 6));
214}
215
216TEST(Deserialization, TooShortBuffer) {
217 uint8_t buf[] = {0, 0, 0};
218 AuthorizationSet deserialized(buf, array_length(buf));
219 EXPECT_EQ(AuthorizationSet::MALFORMED_DATA, deserialized.is_valid());
220
221 const uint8_t* p = buf;
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]222 EXPECT_FALSE(deserialized.Deserialize(&p, p + array_length(buf)));
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]223 EXPECT_EQ(AuthorizationSet::MALFORMED_DATA, deserialized.is_valid());
224}
225
226TEST(Deserialization, InvalidLengthField) {
227 keymaster_key_param_t params[] = {
228 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
229 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
230 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
231 Authorization(TAG_USER_ID, 7),
232 Authorization(TAG_USER_AUTH_ID, 8),
233 Authorization(TAG_APPLICATION_ID, "my_app", 6),
234 Authorization(TAG_KEY_SIZE, 256),
235 Authorization(TAG_AUTH_TIMEOUT, 300),
236 };
237 AuthorizationSet set(params, array_length(params));
238
239 size_t size = set.SerializedSize();
240 EXPECT_TRUE(size > 0);
241
242 UniquePtr<uint8_t[]> buf(new uint8_t[size]);
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]243 EXPECT_EQ(buf.get() + size, set.Serialize(buf.get(), buf.get() + size));
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]244 *reinterpret_cast<uint32_t*>(buf.get()) = 9;
245
246 AuthorizationSet deserialized(buf.get(), size);
247 EXPECT_EQ(AuthorizationSet::MALFORMED_DATA, deserialized.is_valid());
248
249 const uint8_t* p = buf.get();
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]250 EXPECT_FALSE(deserialized.Deserialize(&p, p + size));
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]251 EXPECT_EQ(AuthorizationSet::MALFORMED_DATA, deserialized.is_valid());
252}
253
Shawn Willden8d336ae2014-08-09 15:47:05 -0600[diff] [blame]254static uint32_t read_uint32(const uint8_t* buf) {
255 uint32_t val;
256 memcpy(&val, buf, sizeof(val));
257 return val;
258}
259
260static void add_to_uint32(uint8_t* buf, int delta) {
261 uint32_t val;
262 memcpy(&val, buf, sizeof(val));
263 val += delta;
264 memcpy(buf, &val, sizeof(val));
265}
266
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]267TEST(Deserialization, MalformedIndirectData) {
268 keymaster_key_param_t params[] = {
269 Authorization(TAG_APPLICATION_ID, "my_app", 6),
270 Authorization(TAG_APPLICATION_DATA, "foo", 3),
271 };
272 AuthorizationSet set(params, array_length(params));
273 size_t size = set.SerializedSize();
274
275 UniquePtr<uint8_t[]> buf(new uint8_t[size]);
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]276 EXPECT_EQ(buf.get() + size, set.Serialize(buf.get(), buf.get() + size));
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]277
Shawn Willden8d336ae2014-08-09 15:47:05 -0600[diff] [blame]278 // This sucks. This test, as written, requires intimate knowledge of the serialized layout of
279 // this particular set, which means it's brittle. But it's important to test that we handle
280 // broken serialized data and I can't think of a better way to write this.
281 //
282 // The contents of buf are:
283 //
284 // Bytes: Content:
285 // 0-3 Length of string data, which is 9.
286 // 4-9 "my_app"
287 // 10-12 "foo"
288 // 13-16 Number of elements, which is 2.
289 // 17-20 Length of elements, which is 24.
290 // 21-24 First tag, TAG_APPLICATION_ID
291 // 25-28 Length of string "my_app", 6
292 // 29-32 Offset of string "my_app", 0
293 // 33-36 Second tag, TAG_APPLICATION_DATA
294 // 37-40 Length of string "foo", 3
295 // 41-44 Offset of string "foo", 6
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]296
Shawn Willden8d336ae2014-08-09 15:47:05 -0600[diff] [blame]297 // Check that stuff is where we think.
298 EXPECT_EQ('m', buf[4]);
299 EXPECT_EQ('f', buf[10]);
300 // Length of "my_app"
301 EXPECT_EQ(6U, read_uint32(buf.get() + 25));
302 // Offset of "my_app"
303 EXPECT_EQ(0U, read_uint32(buf.get() + 29));
304 // Length of "foo"
305 EXPECT_EQ(3U, read_uint32(buf.get() + 37));
306 // Offset of "foo"
307 EXPECT_EQ(6U, read_uint32(buf.get() + 41));
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]308
309 // Check that deserialization works.
310 AuthorizationSet deserialized1(buf.get(), size);
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]311 EXPECT_EQ(AuthorizationSet::OK, deserialized1.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]312
313 const uint8_t* p = buf.get();
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]314 EXPECT_TRUE(deserialized1.Deserialize(&p, p + size));
315 EXPECT_EQ(AuthorizationSet::OK, deserialized1.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]316
317 //
318 // Now mess them up in various ways:
319 //
320
Shawn Willden8d336ae2014-08-09 15:47:05 -0600[diff] [blame]321 // Move "foo" offset so offset + length goes off the end
322 add_to_uint32(buf.get() + 41, 1);
323 AuthorizationSet deserialized2(buf.get(), size);
324 EXPECT_EQ(AuthorizationSet::MALFORMED_DATA, deserialized2.is_valid());
325 add_to_uint32(buf.get() + 41, -1);
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]326
Shawn Willden8d336ae2014-08-09 15:47:05 -0600[diff] [blame]327 // Shorten the "my_app" length to make a gap between the blobs.
328 add_to_uint32(buf.get() + 25, -1);
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]329 AuthorizationSet deserialized3(buf.get(), size);
330 EXPECT_EQ(AuthorizationSet::MALFORMED_DATA, deserialized3.is_valid());
Shawn Willden8d336ae2014-08-09 15:47:05 -0600[diff] [blame]331 add_to_uint32(buf.get() + 25, 1);
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]332
Shawn Willden8d336ae2014-08-09 15:47:05 -0600[diff] [blame]333 // Extend the "my_app" length to make them overlap, and decrease the "foo" length to keep the
334 // total length the same. We don't detect this but should.
335 // TODO(swillden): Detect overlaps and holes that leave total size correct.
336 add_to_uint32(buf.get() + 25, 1);
337 add_to_uint32(buf.get() + 37, -1);
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]338 AuthorizationSet deserialized4(buf.get(), size);
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]339 EXPECT_EQ(AuthorizationSet::OK, deserialized4.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]340}
341
342TEST(Growable, SuccessfulRoundTrip) {
343 keymaster_key_param_t elems_buf[20];
344 uint8_t data_buf[200];
345
346 AuthorizationSet growable;
347 EXPECT_TRUE(growable.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA)));
348 EXPECT_EQ(1U, growable.size());
349
350 EXPECT_TRUE(growable.push_back(Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY)));
351 EXPECT_EQ(2U, growable.size());
352
353 EXPECT_TRUE(growable.push_back(Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN)));
354 EXPECT_EQ(3U, growable.size());
355
356 EXPECT_TRUE(growable.push_back(Authorization(TAG_APPLICATION_ID, "data", 4)));
357 EXPECT_EQ(4U, growable.size());
358
Shawn Willden834e8072014-08-09 16:38:53 -0600[diff] [blame]359 EXPECT_TRUE(growable.push_back(Authorization(TAG_APPLICATION_DATA, "some more data", 14)));
360 EXPECT_EQ(5U, growable.size());
361
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]362 size_t serialize_size = growable.SerializedSize();
363 UniquePtr<uint8_t[]> serialized(new uint8_t[serialize_size]);
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]364 EXPECT_EQ(serialized.get() + serialize_size,
365 growable.Serialize(serialized.get(), serialized.get() + serialize_size));
Shawn Willden834e8072014-08-09 16:38:53 -0600[diff] [blame]366
367 AuthorizationSet deserialized(serialized.get(), serialize_size);
368 EXPECT_EQ(growable, deserialized);
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]369}
370
371TEST(Growable, InsufficientElemBuf) {
372 keymaster_key_param_t elems_buf[1];
373 uint8_t data_buf[200];
374
375 AuthorizationSet growable;
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]376 EXPECT_EQ(AuthorizationSet::OK, growable.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]377
378 // First insertion fits.
379 EXPECT_TRUE(growable.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA)));
380 EXPECT_EQ(1U, growable.size());
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]381 EXPECT_EQ(AuthorizationSet::OK, growable.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]382
383 // Second does too.
384 EXPECT_TRUE(growable.push_back(Authorization(TAG_RSA_PUBLIC_EXPONENT, 3)));
385 EXPECT_EQ(2U, growable.size());
386}
387
388TEST(Growable, InsufficientIndirectBuf) {
389 keymaster_key_param_t elems_buf[3];
390 uint8_t data_buf[10];
391
392 AuthorizationSet growable;
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]393 EXPECT_EQ(AuthorizationSet::OK, growable.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]394
395 EXPECT_TRUE(growable.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA)));
396 EXPECT_EQ(1U, growable.size());
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]397 EXPECT_EQ(AuthorizationSet::OK, growable.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]398
399 EXPECT_TRUE(growable.push_back(Authorization(TAG_APPLICATION_ID, "1234567890", 10)));
400 EXPECT_EQ(2U, growable.size());
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]401 EXPECT_EQ(AuthorizationSet::OK, growable.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]402
403 EXPECT_TRUE(growable.push_back(Authorization(TAG_APPLICATION_DATA, "1", 1)));
404 EXPECT_EQ(3U, growable.size());
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]405 EXPECT_EQ(AuthorizationSet::OK, growable.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]406
407 // Can still add another entry without indirect data. Now it's full.
408 EXPECT_TRUE(growable.push_back(Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN)));
409 EXPECT_EQ(4U, growable.size());
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]410 EXPECT_EQ(AuthorizationSet::OK, growable.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]411}
412
413TEST(GetValue, GetInt) {
414 keymaster_key_param_t params[] = {
415 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
416 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
417 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
418 Authorization(TAG_USER_ID, 7),
419 Authorization(TAG_USER_AUTH_ID, 8),
420 Authorization(TAG_APPLICATION_ID, "my_app", 6),
421 Authorization(TAG_AUTH_TIMEOUT, 300),
422 };
423 AuthorizationSet set(params, array_length(params));
424
425 uint32_t val;
426 EXPECT_TRUE(set.GetTagValue(TAG_USER_ID, &val));
427 EXPECT_EQ(7U, val);
428
429 // Find one that isn't there
430 EXPECT_FALSE(set.GetTagValue(TAG_KEY_SIZE, &val));
431}
432
433TEST(GetValue, GetIntRep) {
434 keymaster_key_param_t params[] = {
435 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
436 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
437 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
438 Authorization(TAG_USER_ID, 7),
439 Authorization(TAG_USER_AUTH_ID, 8),
440 Authorization(TAG_APPLICATION_ID, "my_app", 6),
441 Authorization(TAG_AUTH_TIMEOUT, 300),
442 };
443 AuthorizationSet set(params, array_length(params));
444
445 uint32_t val;
446 EXPECT_TRUE(set.GetTagValue(TAG_USER_AUTH_ID, 0, &val));
447 EXPECT_EQ(8U, val);
448
449 // Find one that isn't there
450 EXPECT_FALSE(set.GetTagValue(TAG_USER_AUTH_ID, 1, &val));
451}
452
453TEST(GetValue, GetLong) {
454 keymaster_key_param_t params1[] = {
455 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
456 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
457 keymaster_param_long(TAG_RSA_PUBLIC_EXPONENT, 3),
458 };
459 AuthorizationSet set1(params1, array_length(params1));
460
461 keymaster_key_param_t params2[] = {
462 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
463 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
464 };
465 AuthorizationSet set2(params2, array_length(params2));
466
467 uint64_t val;
468 EXPECT_TRUE(set1.GetTagValue(TAG_RSA_PUBLIC_EXPONENT, &val));
469 EXPECT_EQ(3U, val);
470
471 // Find one that isn't there
472 EXPECT_FALSE(set2.GetTagValue(TAG_RSA_PUBLIC_EXPONENT, &val));
473}
474
475TEST(GetValue, GetEnum) {
476 keymaster_key_param_t params[] = {
477 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
478 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
479 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
480 Authorization(TAG_USER_ID, 7),
481 Authorization(TAG_USER_AUTH_ID, 8),
482 Authorization(TAG_APPLICATION_ID, "my_app", 6),
483 Authorization(TAG_AUTH_TIMEOUT, 300),
484 };
485 AuthorizationSet set(params, array_length(params));
486
487 keymaster_algorithm_t val;
488 EXPECT_TRUE(set.GetTagValue(TAG_ALGORITHM, &val));
489 EXPECT_EQ(KM_ALGORITHM_RSA, val);
490
491 // Find one that isn't there
492 keymaster_padding_t val2;
493 EXPECT_FALSE(set.GetTagValue(TAG_PADDING, &val2));
494}
495
496TEST(GetValue, GetEnumRep) {
497 keymaster_key_param_t params[] = {
498 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
499 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
500 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
501 Authorization(TAG_USER_ID, 7),
502 Authorization(TAG_USER_AUTH_ID, 8),
503 Authorization(TAG_APPLICATION_ID, "my_app", 6),
504 Authorization(TAG_AUTH_TIMEOUT, 300),
505 };
506 AuthorizationSet set(params, array_length(params));
507
508 keymaster_purpose_t val;
509 EXPECT_TRUE(set.GetTagValue(TAG_PURPOSE, 0, &val));
510 EXPECT_EQ(KM_PURPOSE_SIGN, val);
511 EXPECT_TRUE(set.GetTagValue(TAG_PURPOSE, 1, &val));
512 EXPECT_EQ(KM_PURPOSE_VERIFY, val);
513
514 // Find one that isn't there
515 EXPECT_FALSE(set.GetTagValue(TAG_PURPOSE, 2, &val));
516}
517
518TEST(GetValue, GetDate) {
519 keymaster_key_param_t params[] = {
520 Authorization(TAG_ACTIVE_DATETIME, 10),
521 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
522 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
523 Authorization(TAG_USER_ID, 7),
524 Authorization(TAG_USER_AUTH_ID, 8),
525 Authorization(TAG_APPLICATION_ID, "my_app", 6),
526 Authorization(TAG_AUTH_TIMEOUT, 300),
527 };
528 AuthorizationSet set(params, array_length(params));
529
530 uint64_t val;
531 EXPECT_TRUE(set.GetTagValue(TAG_ACTIVE_DATETIME, &val));
532 EXPECT_EQ(10U, val);
533
534 // Find one that isn't there
535 EXPECT_FALSE(set.GetTagValue(TAG_USAGE_EXPIRE_DATETIME, &val));
536}
537
538TEST(GetValue, GetBlob) {
539 keymaster_key_param_t params[] = {
540 Authorization(TAG_ACTIVE_DATETIME, 10),
541 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
542 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
543 Authorization(TAG_USER_ID, 7),
544 Authorization(TAG_USER_AUTH_ID, 8),
545 Authorization(TAG_APPLICATION_ID, "my_app", 6),
546 Authorization(TAG_AUTH_TIMEOUT, 300),
547 };
548 AuthorizationSet set(params, array_length(params));
549
550 keymaster_blob_t val;
551 EXPECT_TRUE(set.GetTagValue(TAG_APPLICATION_ID, &val));
552 EXPECT_EQ(6U, val.data_length);
553 EXPECT_EQ(0, memcmp(val.data, "my_app", 6));
554
555 // Find one that isn't there
556 EXPECT_FALSE(set.GetTagValue(TAG_APPLICATION_DATA, &val));
557}
558
559} // namespace test
560} // namespace keymaster