Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / system / keymaster / 8d336ae10df66da4c0433f17c2d42e85baea32c5 / . / authorization_set_test.cpp
blob: 0bdfb11cf2a2718f4a9741670734cccb3d5906f5 [file] [log] [blame]
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]1/*
2 * Copyright (C) 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#include <gtest/gtest.h>
18
19#include "authorization_set.h"
20#include "google_keymaster_utils.h"
21
22int main(int argc, char** argv) {
23 ::testing::InitGoogleTest(&argc, argv);
24 int result = RUN_ALL_TESTS();
25 return result;
26}
27
28namespace keymaster {
29namespace test {
30
31TEST(Construction, ListProvided) {
32 keymaster_key_param_t params[] = {
33 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
34 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
35 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
36 Authorization(TAG_USER_ID, 7),
37 Authorization(TAG_USER_AUTH_ID, 8),
38 Authorization(TAG_APPLICATION_ID, "my_app", 6),
39 Authorization(TAG_KEY_SIZE, 256),
40 Authorization(TAG_AUTH_TIMEOUT, 300),
41 };
42 AuthorizationSet set(params, array_length(params));
43 EXPECT_EQ(8U, set.size());
44}
45
46TEST(Lookup, NonRepeated) {
47 keymaster_key_param_t params[] = {
48 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
49 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
50 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
51 Authorization(TAG_USER_ID, 7),
52 Authorization(TAG_USER_AUTH_ID, 8),
53 Authorization(TAG_APPLICATION_ID, "my_app", 6),
54 Authorization(TAG_KEY_SIZE, 256),
55 Authorization(TAG_AUTH_TIMEOUT, 300),
56 };
57 AuthorizationSet set(params, array_length(params));
58 EXPECT_EQ(8U, set.size());
59
60 int pos = set.find(TAG_ALGORITHM);
61 ASSERT_NE(-1, pos);
62 EXPECT_EQ(KM_TAG_ALGORITHM, set[pos].tag);
63 EXPECT_EQ(KM_ALGORITHM_RSA, set[pos].enumerated);
64
65 pos = set.find(TAG_MAC_LENGTH);
66 EXPECT_EQ(-1, pos);
67
68 uint32_t int_val = 0;
69 EXPECT_TRUE(set.GetTagValue(TAG_USER_ID, &int_val));
70 EXPECT_EQ(7U, int_val);
71
72 keymaster_blob_t blob_val;
73 EXPECT_TRUE(set.GetTagValue(TAG_APPLICATION_ID, &blob_val));
74 EXPECT_EQ(6U, blob_val.data_length);
75 EXPECT_EQ(0, memcmp(blob_val.data, "my_app", 6));
76}
77
78TEST(Lookup, Repeated) {
79 keymaster_key_param_t params[] = {
80 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
81 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
82 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
83 Authorization(TAG_USER_ID, 7),
84 Authorization(TAG_USER_AUTH_ID, 8),
85 Authorization(TAG_APPLICATION_ID, "my_app", 6),
86 Authorization(TAG_KEY_SIZE, 256),
87 Authorization(TAG_AUTH_TIMEOUT, 300),
88 };
89 AuthorizationSet set(params, array_length(params));
90 EXPECT_EQ(8U, set.size());
91
92 int pos = set.find(TAG_PURPOSE);
93 ASSERT_FALSE(pos == -1);
94 EXPECT_EQ(KM_TAG_PURPOSE, set[pos].tag);
95 EXPECT_EQ(KM_PURPOSE_SIGN, set[pos].enumerated);
96
97 pos = set.find(TAG_PURPOSE, pos);
98 EXPECT_EQ(KM_TAG_PURPOSE, set[pos].tag);
99 EXPECT_EQ(KM_PURPOSE_VERIFY, set[pos].enumerated);
100
101 EXPECT_EQ(-1, set.find(TAG_PURPOSE, pos));
102}
103
104TEST(Lookup, Indexed) {
105 keymaster_key_param_t params[] = {
106 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
107 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
108 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
109 Authorization(TAG_USER_ID, 7),
110 Authorization(TAG_USER_AUTH_ID, 8),
111 Authorization(TAG_APPLICATION_ID, "my_app", 6),
112 Authorization(TAG_KEY_SIZE, 256),
113 Authorization(TAG_AUTH_TIMEOUT, 300),
114 };
115 AuthorizationSet set(params, array_length(params));
116 EXPECT_EQ(8U, set.size());
117
118 EXPECT_EQ(KM_TAG_PURPOSE, set[0].tag);
119 EXPECT_EQ(KM_PURPOSE_SIGN, set[0].enumerated);
120
121 // Lookup beyond end doesn't work, just returns zeros, but doens't blow up either (verify by
122 // running under valgrind).
123 EXPECT_EQ(KM_TAG_INVALID, set[10].tag);
124}
125
126TEST(Serialization, RoundTrip) {
127 keymaster_key_param_t params[] = {
128 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
129 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
130 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
131 Authorization(TAG_USER_ID, 7),
132 Authorization(TAG_USER_AUTH_ID, 8),
133 Authorization(TAG_APPLICATION_ID, "my_app", 6),
134 Authorization(TAG_KEY_SIZE, 256),
135 Authorization(TAG_AUTH_TIMEOUT, 300),
136 };
137 AuthorizationSet set(params, array_length(params));
138
139 size_t size = set.SerializedSize();
140 EXPECT_TRUE(size > 0);
141
142 UniquePtr<uint8_t[]> buf(new uint8_t[size]);
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]143 EXPECT_EQ(buf.get() + size, set.Serialize(buf.get(), buf.get() + size));
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]144 AuthorizationSet deserialized(buf.get(), size);
145
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]146 EXPECT_EQ(AuthorizationSet::OK, deserialized.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]147
148 EXPECT_EQ(set.size(), deserialized.size());
149 for (size_t i = 0; i < set.size(); ++i) {
150 EXPECT_EQ(set[i].tag, deserialized[i].tag);
151 }
152
153 int pos = deserialized.find(TAG_APPLICATION_ID);
154 ASSERT_NE(-1, pos);
155 EXPECT_EQ(KM_TAG_APPLICATION_ID, deserialized[pos].tag);
156 EXPECT_EQ(6U, deserialized[pos].blob.data_length);
157 EXPECT_EQ(0, memcmp(deserialized[pos].blob.data, "my_app", 6));
158}
159
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]160TEST(Deserialization, Deserialize) {
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]161 keymaster_key_param_t params[] = {
162 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
163 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
164 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
165 Authorization(TAG_USER_ID, 7),
166 Authorization(TAG_USER_AUTH_ID, 8),
167 Authorization(TAG_APPLICATION_ID, "my_app", 6),
168 Authorization(TAG_KEY_SIZE, 256),
169 Authorization(TAG_AUTH_TIMEOUT, 300),
170 };
171 AuthorizationSet set(params, array_length(params));
172
173 size_t size = set.SerializedSize();
174 EXPECT_TRUE(size > 0);
175
176 UniquePtr<uint8_t[]> buf(new uint8_t[size]);
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]177 EXPECT_EQ(buf.get() + size, set.Serialize(buf.get(), buf.get() + size));
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]178 AuthorizationSet deserialized;
179 const uint8_t* p = buf.get();
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]180 EXPECT_TRUE(deserialized.Deserialize(&p, p + size));
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]181 EXPECT_EQ(p, buf.get() + size);
182
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]183 EXPECT_EQ(AuthorizationSet::OK, deserialized.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]184
185 EXPECT_EQ(set.size(), deserialized.size());
186 for (size_t i = 0; i < set.size(); ++i) {
187 EXPECT_EQ(set[i].tag, deserialized[i].tag);
188 }
189
190 int pos = deserialized.find(TAG_APPLICATION_ID);
191 ASSERT_NE(-1, pos);
192 EXPECT_EQ(KM_TAG_APPLICATION_ID, deserialized[pos].tag);
193 EXPECT_EQ(6U, deserialized[pos].blob.data_length);
194 EXPECT_EQ(0, memcmp(deserialized[pos].blob.data, "my_app", 6));
195}
196
197TEST(Deserialization, TooShortBuffer) {
198 uint8_t buf[] = {0, 0, 0};
199 AuthorizationSet deserialized(buf, array_length(buf));
200 EXPECT_EQ(AuthorizationSet::MALFORMED_DATA, deserialized.is_valid());
201
202 const uint8_t* p = buf;
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]203 EXPECT_FALSE(deserialized.Deserialize(&p, p + array_length(buf)));
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]204 EXPECT_EQ(AuthorizationSet::MALFORMED_DATA, deserialized.is_valid());
205}
206
207TEST(Deserialization, InvalidLengthField) {
208 keymaster_key_param_t params[] = {
209 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
210 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
211 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
212 Authorization(TAG_USER_ID, 7),
213 Authorization(TAG_USER_AUTH_ID, 8),
214 Authorization(TAG_APPLICATION_ID, "my_app", 6),
215 Authorization(TAG_KEY_SIZE, 256),
216 Authorization(TAG_AUTH_TIMEOUT, 300),
217 };
218 AuthorizationSet set(params, array_length(params));
219
220 size_t size = set.SerializedSize();
221 EXPECT_TRUE(size > 0);
222
223 UniquePtr<uint8_t[]> buf(new uint8_t[size]);
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]224 EXPECT_EQ(buf.get() + size, set.Serialize(buf.get(), buf.get() + size));
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]225 *reinterpret_cast<uint32_t*>(buf.get()) = 9;
226
227 AuthorizationSet deserialized(buf.get(), size);
228 EXPECT_EQ(AuthorizationSet::MALFORMED_DATA, deserialized.is_valid());
229
230 const uint8_t* p = buf.get();
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]231 EXPECT_FALSE(deserialized.Deserialize(&p, p + size));
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]232 EXPECT_EQ(AuthorizationSet::MALFORMED_DATA, deserialized.is_valid());
233}
234
Shawn Willden8d336ae2014-08-09 15:47:05 -0600[diff] [blame^]235static uint32_t read_uint32(const uint8_t* buf) {
236 uint32_t val;
237 memcpy(&val, buf, sizeof(val));
238 return val;
239}
240
241static void add_to_uint32(uint8_t* buf, int delta) {
242 uint32_t val;
243 memcpy(&val, buf, sizeof(val));
244 val += delta;
245 memcpy(buf, &val, sizeof(val));
246}
247
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]248TEST(Deserialization, MalformedIndirectData) {
249 keymaster_key_param_t params[] = {
250 Authorization(TAG_APPLICATION_ID, "my_app", 6),
251 Authorization(TAG_APPLICATION_DATA, "foo", 3),
252 };
253 AuthorizationSet set(params, array_length(params));
254 size_t size = set.SerializedSize();
255
256 UniquePtr<uint8_t[]> buf(new uint8_t[size]);
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]257 EXPECT_EQ(buf.get() + size, set.Serialize(buf.get(), buf.get() + size));
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]258
Shawn Willden8d336ae2014-08-09 15:47:05 -0600[diff] [blame^]259 // This sucks. This test, as written, requires intimate knowledge of the serialized layout of
260 // this particular set, which means it's brittle. But it's important to test that we handle
261 // broken serialized data and I can't think of a better way to write this.
262 //
263 // The contents of buf are:
264 //
265 // Bytes: Content:
266 // 0-3 Length of string data, which is 9.
267 // 4-9 "my_app"
268 // 10-12 "foo"
269 // 13-16 Number of elements, which is 2.
270 // 17-20 Length of elements, which is 24.
271 // 21-24 First tag, TAG_APPLICATION_ID
272 // 25-28 Length of string "my_app", 6
273 // 29-32 Offset of string "my_app", 0
274 // 33-36 Second tag, TAG_APPLICATION_DATA
275 // 37-40 Length of string "foo", 3
276 // 41-44 Offset of string "foo", 6
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]277
Shawn Willden8d336ae2014-08-09 15:47:05 -0600[diff] [blame^]278 // Check that stuff is where we think.
279 EXPECT_EQ('m', buf[4]);
280 EXPECT_EQ('f', buf[10]);
281 // Length of "my_app"
282 EXPECT_EQ(6U, read_uint32(buf.get() + 25));
283 // Offset of "my_app"
284 EXPECT_EQ(0U, read_uint32(buf.get() + 29));
285 // Length of "foo"
286 EXPECT_EQ(3U, read_uint32(buf.get() + 37));
287 // Offset of "foo"
288 EXPECT_EQ(6U, read_uint32(buf.get() + 41));
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]289
290 // Check that deserialization works.
291 AuthorizationSet deserialized1(buf.get(), size);
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]292 EXPECT_EQ(AuthorizationSet::OK, deserialized1.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]293
294 const uint8_t* p = buf.get();
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]295 EXPECT_TRUE(deserialized1.Deserialize(&p, p + size));
296 EXPECT_EQ(AuthorizationSet::OK, deserialized1.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]297
298 //
299 // Now mess them up in various ways:
300 //
301
Shawn Willden8d336ae2014-08-09 15:47:05 -0600[diff] [blame^]302 // Move "foo" offset so offset + length goes off the end
303 add_to_uint32(buf.get() + 41, 1);
304 AuthorizationSet deserialized2(buf.get(), size);
305 EXPECT_EQ(AuthorizationSet::MALFORMED_DATA, deserialized2.is_valid());
306 add_to_uint32(buf.get() + 41, -1);
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]307
Shawn Willden8d336ae2014-08-09 15:47:05 -0600[diff] [blame^]308 // Shorten the "my_app" length to make a gap between the blobs.
309 add_to_uint32(buf.get() + 25, -1);
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]310 AuthorizationSet deserialized3(buf.get(), size);
311 EXPECT_EQ(AuthorizationSet::MALFORMED_DATA, deserialized3.is_valid());
Shawn Willden8d336ae2014-08-09 15:47:05 -0600[diff] [blame^]312 add_to_uint32(buf.get() + 25, 1);
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]313
Shawn Willden8d336ae2014-08-09 15:47:05 -0600[diff] [blame^]314 // Extend the "my_app" length to make them overlap, and decrease the "foo" length to keep the
315 // total length the same. We don't detect this but should.
316 // TODO(swillden): Detect overlaps and holes that leave total size correct.
317 add_to_uint32(buf.get() + 25, 1);
318 add_to_uint32(buf.get() + 37, -1);
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]319 AuthorizationSet deserialized4(buf.get(), size);
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]320 EXPECT_EQ(AuthorizationSet::OK, deserialized4.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]321}
322
323TEST(Growable, SuccessfulRoundTrip) {
324 keymaster_key_param_t elems_buf[20];
325 uint8_t data_buf[200];
326
327 AuthorizationSet growable;
328 EXPECT_TRUE(growable.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA)));
329 EXPECT_EQ(1U, growable.size());
330
331 EXPECT_TRUE(growable.push_back(Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY)));
332 EXPECT_EQ(2U, growable.size());
333
334 EXPECT_TRUE(growable.push_back(Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN)));
335 EXPECT_EQ(3U, growable.size());
336
337 EXPECT_TRUE(growable.push_back(Authorization(TAG_APPLICATION_ID, "data", 4)));
338 EXPECT_EQ(4U, growable.size());
339
340 size_t serialize_size = growable.SerializedSize();
341 UniquePtr<uint8_t[]> serialized(new uint8_t[serialize_size]);
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]342 EXPECT_EQ(serialized.get() + serialize_size,
343 growable.Serialize(serialized.get(), serialized.get() + serialize_size));
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]344}
345
346TEST(Growable, InsufficientElemBuf) {
347 keymaster_key_param_t elems_buf[1];
348 uint8_t data_buf[200];
349
350 AuthorizationSet growable;
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]351 EXPECT_EQ(AuthorizationSet::OK, growable.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]352
353 // First insertion fits.
354 EXPECT_TRUE(growable.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA)));
355 EXPECT_EQ(1U, growable.size());
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]356 EXPECT_EQ(AuthorizationSet::OK, growable.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]357
358 // Second does too.
359 EXPECT_TRUE(growable.push_back(Authorization(TAG_RSA_PUBLIC_EXPONENT, 3)));
360 EXPECT_EQ(2U, growable.size());
361}
362
363TEST(Growable, InsufficientIndirectBuf) {
364 keymaster_key_param_t elems_buf[3];
365 uint8_t data_buf[10];
366
367 AuthorizationSet growable;
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]368 EXPECT_EQ(AuthorizationSet::OK, growable.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]369
370 EXPECT_TRUE(growable.push_back(Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA)));
371 EXPECT_EQ(1U, growable.size());
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]372 EXPECT_EQ(AuthorizationSet::OK, growable.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]373
374 EXPECT_TRUE(growable.push_back(Authorization(TAG_APPLICATION_ID, "1234567890", 10)));
375 EXPECT_EQ(2U, growable.size());
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]376 EXPECT_EQ(AuthorizationSet::OK, growable.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]377
378 EXPECT_TRUE(growable.push_back(Authorization(TAG_APPLICATION_DATA, "1", 1)));
379 EXPECT_EQ(3U, growable.size());
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]380 EXPECT_EQ(AuthorizationSet::OK, growable.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]381
382 // Can still add another entry without indirect data. Now it's full.
383 EXPECT_TRUE(growable.push_back(Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN)));
384 EXPECT_EQ(4U, growable.size());
Shawn Willden58e1a542014-08-08 21:58:29 -0600[diff] [blame]385 EXPECT_EQ(AuthorizationSet::OK, growable.is_valid());
Shawn Willden5ada7b62014-07-29 09:44:17 -0600[diff] [blame]386}
387
388TEST(GetValue, GetInt) {
389 keymaster_key_param_t params[] = {
390 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
391 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
392 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
393 Authorization(TAG_USER_ID, 7),
394 Authorization(TAG_USER_AUTH_ID, 8),
395 Authorization(TAG_APPLICATION_ID, "my_app", 6),
396 Authorization(TAG_AUTH_TIMEOUT, 300),
397 };
398 AuthorizationSet set(params, array_length(params));
399
400 uint32_t val;
401 EXPECT_TRUE(set.GetTagValue(TAG_USER_ID, &val));
402 EXPECT_EQ(7U, val);
403
404 // Find one that isn't there
405 EXPECT_FALSE(set.GetTagValue(TAG_KEY_SIZE, &val));
406}
407
408TEST(GetValue, GetIntRep) {
409 keymaster_key_param_t params[] = {
410 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
411 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
412 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
413 Authorization(TAG_USER_ID, 7),
414 Authorization(TAG_USER_AUTH_ID, 8),
415 Authorization(TAG_APPLICATION_ID, "my_app", 6),
416 Authorization(TAG_AUTH_TIMEOUT, 300),
417 };
418 AuthorizationSet set(params, array_length(params));
419
420 uint32_t val;
421 EXPECT_TRUE(set.GetTagValue(TAG_USER_AUTH_ID, 0, &val));
422 EXPECT_EQ(8U, val);
423
424 // Find one that isn't there
425 EXPECT_FALSE(set.GetTagValue(TAG_USER_AUTH_ID, 1, &val));
426}
427
428TEST(GetValue, GetLong) {
429 keymaster_key_param_t params1[] = {
430 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
431 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
432 keymaster_param_long(TAG_RSA_PUBLIC_EXPONENT, 3),
433 };
434 AuthorizationSet set1(params1, array_length(params1));
435
436 keymaster_key_param_t params2[] = {
437 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
438 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
439 };
440 AuthorizationSet set2(params2, array_length(params2));
441
442 uint64_t val;
443 EXPECT_TRUE(set1.GetTagValue(TAG_RSA_PUBLIC_EXPONENT, &val));
444 EXPECT_EQ(3U, val);
445
446 // Find one that isn't there
447 EXPECT_FALSE(set2.GetTagValue(TAG_RSA_PUBLIC_EXPONENT, &val));
448}
449
450TEST(GetValue, GetEnum) {
451 keymaster_key_param_t params[] = {
452 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
453 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
454 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
455 Authorization(TAG_USER_ID, 7),
456 Authorization(TAG_USER_AUTH_ID, 8),
457 Authorization(TAG_APPLICATION_ID, "my_app", 6),
458 Authorization(TAG_AUTH_TIMEOUT, 300),
459 };
460 AuthorizationSet set(params, array_length(params));
461
462 keymaster_algorithm_t val;
463 EXPECT_TRUE(set.GetTagValue(TAG_ALGORITHM, &val));
464 EXPECT_EQ(KM_ALGORITHM_RSA, val);
465
466 // Find one that isn't there
467 keymaster_padding_t val2;
468 EXPECT_FALSE(set.GetTagValue(TAG_PADDING, &val2));
469}
470
471TEST(GetValue, GetEnumRep) {
472 keymaster_key_param_t params[] = {
473 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
474 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
475 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
476 Authorization(TAG_USER_ID, 7),
477 Authorization(TAG_USER_AUTH_ID, 8),
478 Authorization(TAG_APPLICATION_ID, "my_app", 6),
479 Authorization(TAG_AUTH_TIMEOUT, 300),
480 };
481 AuthorizationSet set(params, array_length(params));
482
483 keymaster_purpose_t val;
484 EXPECT_TRUE(set.GetTagValue(TAG_PURPOSE, 0, &val));
485 EXPECT_EQ(KM_PURPOSE_SIGN, val);
486 EXPECT_TRUE(set.GetTagValue(TAG_PURPOSE, 1, &val));
487 EXPECT_EQ(KM_PURPOSE_VERIFY, val);
488
489 // Find one that isn't there
490 EXPECT_FALSE(set.GetTagValue(TAG_PURPOSE, 2, &val));
491}
492
493TEST(GetValue, GetDate) {
494 keymaster_key_param_t params[] = {
495 Authorization(TAG_ACTIVE_DATETIME, 10),
496 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
497 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
498 Authorization(TAG_USER_ID, 7),
499 Authorization(TAG_USER_AUTH_ID, 8),
500 Authorization(TAG_APPLICATION_ID, "my_app", 6),
501 Authorization(TAG_AUTH_TIMEOUT, 300),
502 };
503 AuthorizationSet set(params, array_length(params));
504
505 uint64_t val;
506 EXPECT_TRUE(set.GetTagValue(TAG_ACTIVE_DATETIME, &val));
507 EXPECT_EQ(10U, val);
508
509 // Find one that isn't there
510 EXPECT_FALSE(set.GetTagValue(TAG_USAGE_EXPIRE_DATETIME, &val));
511}
512
513TEST(GetValue, GetBlob) {
514 keymaster_key_param_t params[] = {
515 Authorization(TAG_ACTIVE_DATETIME, 10),
516 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
517 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
518 Authorization(TAG_USER_ID, 7),
519 Authorization(TAG_USER_AUTH_ID, 8),
520 Authorization(TAG_APPLICATION_ID, "my_app", 6),
521 Authorization(TAG_AUTH_TIMEOUT, 300),
522 };
523 AuthorizationSet set(params, array_length(params));
524
525 keymaster_blob_t val;
526 EXPECT_TRUE(set.GetTagValue(TAG_APPLICATION_ID, &val));
527 EXPECT_EQ(6U, val.data_length);
528 EXPECT_EQ(0, memcmp(val.data, "my_app", 6));
529
530 // Find one that isn't there
531 EXPECT_FALSE(set.GetTagValue(TAG_APPLICATION_DATA, &val));
532}
533
534} // namespace test
535} // namespace keymaster