1 /*
2 * Copyright (C) 2022 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #define TLOG_TAG "cast-auth-trusty-test"
18
19 #include <stddef.h>
20 #include <stdio.h>
21 #include <stdlib.h>
22 #include <string.h>
23
24 #include <array>
25 #include <cstdint>
26
27 #include <binder/RpcSession.h>
28 #include <binder/RpcTransportTipcTrusty.h>
29 #include <lib/unittest/unittest.h>
30 #include <trusty_ipc.h>
31 #include <trusty_log.h>
32 #include <trusty_unittest.h>
33 #include <uapi/err.h>
34
35 #include "BpCastAuth.h"
36
37 // trusty_unittest.h doesn't provide these by default.
38 #define ASSERT_TRUE(val, args...) ASSERT_EQ(true, (bool)(val), ##args)
39 #define ASSERT_FALSE(val, args...) ASSERT_EQ(false, (bool)(val), ##args)
40 #define EXPECT_TRUE(val, args...) EXPECT_EQ(true, (bool)(val), ##args)
41 #define EXPECT_FALSE(val, args...) EXPECT_EQ(false, (bool)(val), ##args)
42
43 unsigned char message_bin[] = {0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x0a};
44 unsigned int message_bin_len = 8;
45
46 /* The following test_hash is the SHA256 hash of the message consisting of these
47 * bytes: 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x0a
48 * prefixed by the appropriate DER prefix for SHA256.
49 */
50 const std::vector<uint8_t> test_hash{
51 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65,
52 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20, 0x00, 0xcf, 0x20,
53 0xe0, 0x7a, 0xa9, 0x69, 0x9f, 0x6c, 0x4f, 0x93, 0x42, 0x30, 0xee,
54 0xff, 0x8f, 0xc6, 0xf6, 0xcf, 0xdd, 0x57, 0xc8, 0xe5, 0xaf, 0x93,
55 0x49, 0x60, 0x82, 0xd7, 0x5c, 0xee, 0x42};
56
57 /* The following is a test RSA 2048 bit key, generated using openssl genrsa. It
58 * is in PKCS1 RSAPrivateKey (DER) format.
59 */
60 const std::vector<uint8_t> test_pkcs1_der{
61 0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,
62 0xca, 0xc1, 0x47, 0xf3, 0x2f, 0xf9, 0xd8, 0x47, 0x7f, 0x3b, 0x14, 0xb7,
63 0xde, 0x0f, 0xa8, 0x41, 0xe6, 0x30, 0x01, 0x27, 0x1b, 0x8a, 0x30, 0x96,
64 0xd0, 0x50, 0xa7, 0xfc, 0x19, 0xe0, 0xdf, 0x71, 0x6d, 0x0e, 0x8b, 0x79,
65 0x01, 0xa8, 0xe2, 0x01, 0x2d, 0x26, 0x93, 0xad, 0x3a, 0x2d, 0x84, 0xa0,
66 0x52, 0x64, 0xc9, 0x49, 0xdc, 0xf5, 0xa0, 0xd0, 0xd6, 0xab, 0xe1, 0xc5,
67 0x3d, 0x39, 0x53, 0x6b, 0xd5, 0x12, 0x33, 0x6b, 0xcd, 0x88, 0xb1, 0xa4,
68 0x6c, 0x69, 0x7f, 0x1c, 0x74, 0x6c, 0x27, 0xd6, 0xb8, 0x09, 0x1b, 0x0d,
69 0xb3, 0xc7, 0xd2, 0xaf, 0x52, 0xad, 0xf7, 0x61, 0x91, 0xa1, 0x39, 0x58,
70 0x99, 0xa4, 0x9b, 0x7d, 0x76, 0xe2, 0x26, 0x56, 0x86, 0x60, 0x1a, 0x47,
71 0xba, 0xdd, 0x94, 0xf2, 0x19, 0x08, 0x8f, 0x66, 0x9f, 0x59, 0xb9, 0x69,
72 0x9f, 0x53, 0x76, 0xb4, 0x2b, 0xac, 0x32, 0x87, 0x6d, 0x48, 0xeb, 0x80,
73 0x56, 0x2f, 0x1c, 0x7b, 0x82, 0x5b, 0x45, 0x51, 0xe3, 0xc1, 0xa9, 0xf0,
74 0x5c, 0xff, 0xc8, 0xf7, 0x6c, 0xfa, 0xf0, 0x84, 0x2f, 0x43, 0xa6, 0x25,
75 0xdf, 0xc6, 0xbd, 0xd8, 0x68, 0x56, 0x6f, 0x7b, 0xea, 0x9e, 0xf2, 0x69,
76 0xad, 0xf8, 0x7d, 0x18, 0x83, 0x73, 0xea, 0x09, 0xf7, 0x6d, 0x86, 0x41,
77 0x14, 0xd0, 0x98, 0xaa, 0xb0, 0x2d, 0x10, 0xd7, 0xa8, 0xdc, 0x02, 0x33,
78 0x31, 0xe5, 0xf6, 0xf4, 0x25, 0x4f, 0x97, 0xa8, 0xc6, 0x48, 0x6f, 0x00,
79 0xa4, 0x9f, 0x58, 0xce, 0x7b, 0xf7, 0x0d, 0x1b, 0x13, 0x4d, 0x9c, 0x69,
80 0x06, 0x19, 0x01, 0x60, 0x99, 0xa3, 0xeb, 0x09, 0x81, 0x17, 0x98, 0xcd,
81 0x45, 0xc1, 0xd1, 0xc6, 0x5a, 0xa4, 0xce, 0x87, 0x16, 0x75, 0x21, 0xda,
82 0x3e, 0xbd, 0x56, 0xdc, 0x54, 0xea, 0x50, 0x5e, 0xb1, 0xe8, 0x41, 0x74,
83 0x26, 0x4a, 0xde, 0x69, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,
84 0x00, 0x5e, 0x94, 0x38, 0xa6, 0xe5, 0x4b, 0x4b, 0xab, 0x56, 0x5b, 0x4d,
85 0xf7, 0xd3, 0x1b, 0x44, 0xa6, 0xb0, 0xe4, 0xd5, 0xb4, 0xd3, 0x70, 0xeb,
86 0xe7, 0x7d, 0xf7, 0x11, 0xd5, 0x54, 0x91, 0x04, 0x4a, 0x19, 0xd0, 0x3e,
87 0x19, 0x4d, 0x3f, 0xe5, 0x65, 0x1d, 0x15, 0xb0, 0xaf, 0x8e, 0xc2, 0xea,
88 0xea, 0x0a, 0x65, 0x3f, 0x4c, 0x38, 0x49, 0x50, 0x21, 0xfa, 0xf1, 0xa4,
89 0xd8, 0x68, 0x0d, 0xd4, 0xaf, 0x29, 0x6e, 0x5b, 0x14, 0x3f, 0x85, 0x33,
90 0x30, 0x7a, 0xed, 0xdf, 0x40, 0x7b, 0xc2, 0x73, 0xf7, 0x02, 0x54, 0x25,
91 0x0d, 0x88, 0x3e, 0x7f, 0x36, 0x0f, 0x80, 0x5d, 0x34, 0x63, 0x45, 0x6c,
92 0xc5, 0xba, 0xae, 0x01, 0x66, 0x4e, 0x4d, 0x82, 0x0a, 0xbc, 0x96, 0x19,
93 0xcc, 0x3a, 0x0b, 0xe0, 0xcd, 0xea, 0x05, 0x87, 0x37, 0x1c, 0xc0, 0x32,
94 0xf0, 0x65, 0x44, 0xfe, 0xcb, 0x5e, 0xcf, 0xed, 0xa5, 0x4f, 0x1a, 0x07,
95 0x0a, 0x5b, 0x23, 0xea, 0x6c, 0x08, 0xcc, 0xae, 0x96, 0xc1, 0xae, 0xca,
96 0xa2, 0x3b, 0xa8, 0xae, 0x56, 0x5a, 0xe7, 0xe7, 0x97, 0x5e, 0x76, 0x7c,
97 0xdf, 0xab, 0xa6, 0x98, 0x81, 0x92, 0x7f, 0xc2, 0x53, 0x73, 0xd1, 0x6e,
98 0xcf, 0x34, 0x23, 0x8d, 0xaa, 0xe0, 0x06, 0x96, 0x37, 0x23, 0x9c, 0xe3,
99 0xf7, 0x4f, 0x7f, 0x3f, 0xe0, 0xa7, 0x79, 0xf4, 0x3f, 0x88, 0x57, 0x7b,
100 0x66, 0x65, 0xd1, 0xd3, 0xb7, 0x35, 0x28, 0x6f, 0xff, 0xda, 0x5e, 0x94,
101 0xbf, 0xa8, 0x8f, 0xbd, 0x02, 0x7d, 0x47, 0x1b, 0xe0, 0x7e, 0x07, 0x0b,
102 0x50, 0x01, 0x59, 0x9b, 0x3c, 0x0c, 0xbe, 0x57, 0x8d, 0x75, 0xb9, 0x6a,
103 0x19, 0x89, 0x51, 0x16, 0x30, 0xb1, 0xec, 0x1c, 0x21, 0x4b, 0xc6, 0xd1,
104 0x0b, 0x73, 0xda, 0x9d, 0x5a, 0x8d, 0x44, 0x58, 0x3b, 0x77, 0x69, 0xa8,
105 0x19, 0xec, 0xdd, 0x2c, 0x6d, 0x02, 0x81, 0x81, 0x00, 0xfc, 0x45, 0xfc,
106 0xbe, 0x2b, 0xe7, 0x2b, 0xb5, 0x4a, 0xf9, 0x36, 0x8e, 0x45, 0x77, 0xea,
107 0xf0, 0x6a, 0xd7, 0xd7, 0x54, 0x49, 0x6f, 0x3a, 0x60, 0x8a, 0x62, 0xb7,
108 0x0a, 0x14, 0x89, 0x96, 0xf2, 0xc6, 0xc2, 0x73, 0x3d, 0xc3, 0xa4, 0x2e,
109 0x32, 0x85, 0x0a, 0x14, 0x02, 0x3d, 0x71, 0x0c, 0xdb, 0xef, 0x71, 0xf2,
110 0x6c, 0xf4, 0xe6, 0x09, 0x71, 0x79, 0xb8, 0xea, 0x7a, 0xeb, 0x19, 0x24,
111 0x5a, 0x91, 0x21, 0xc5, 0x5c, 0x72, 0x71, 0xa3, 0xd7, 0x40, 0x6b, 0x26,
112 0x65, 0x47, 0x1d, 0xf4, 0xa3, 0xf8, 0xe2, 0x45, 0xdf, 0x90, 0xd7, 0xd5,
113 0x40, 0x64, 0x2f, 0xb1, 0x67, 0xf9, 0x5d, 0x32, 0xe0, 0xac, 0x85, 0xd4,
114 0x91, 0x29, 0x94, 0x44, 0xf5, 0x9a, 0xba, 0x6c, 0x0f, 0xd8, 0xef, 0x17,
115 0x41, 0xe9, 0x04, 0xb6, 0x59, 0xf0, 0xde, 0x79, 0xff, 0xaa, 0x98, 0x2e,
116 0xd6, 0xe0, 0x5d, 0xa6, 0xe3, 0x02, 0x81, 0x81, 0x00, 0xcd, 0xc0, 0x08,
117 0x2f, 0xda, 0xa0, 0x30, 0x59, 0x87, 0x6c, 0x72, 0x4d, 0x35, 0x59, 0x7a,
118 0x64, 0x4e, 0x25, 0x03, 0x56, 0xe8, 0xa4, 0x26, 0x9f, 0xcb, 0xb7, 0xdd,
119 0x87, 0xc3, 0x61, 0xc2, 0xf3, 0xd7, 0x7a, 0x78, 0xab, 0x65, 0xc8, 0xfe,
120 0xad, 0x53, 0x3a, 0xea, 0xa0, 0xdf, 0x8f, 0x78, 0x0c, 0xc7, 0x98, 0x5d,
121 0xce, 0x7c, 0x31, 0x46, 0x3a, 0x84, 0x1d, 0xf3, 0x62, 0xce, 0xb3, 0x9a,
122 0x60, 0xd8, 0x5e, 0x15, 0xee, 0xe1, 0x85, 0x70, 0x3e, 0x99, 0x50, 0x3d,
123 0x7e, 0x1e, 0xee, 0x95, 0x31, 0x91, 0xa1, 0x4c, 0xd9, 0xbc, 0x76, 0x40,
124 0x9f, 0x58, 0x2a, 0x4e, 0x5b, 0x9f, 0x82, 0xcc, 0xcb, 0x68, 0x83, 0x54,
125 0xd1, 0xdf, 0xe9, 0xed, 0x19, 0xd6, 0x28, 0x8d, 0x69, 0x91, 0x02, 0xcc,
126 0x48, 0x41, 0x70, 0x5d, 0xcf, 0x37, 0x72, 0x8c, 0x4e, 0x22, 0x06, 0x4f,
127 0x87, 0xab, 0x2c, 0xdb, 0x43, 0x02, 0x81, 0x81, 0x00, 0xb4, 0x36, 0xc6,
128 0xfb, 0x8f, 0x5f, 0x5f, 0xe0, 0xed, 0xc3, 0x24, 0x0e, 0xf4, 0x5f, 0x5b,
129 0x0d, 0x0e, 0x36, 0x4c, 0x93, 0xe0, 0xb5, 0xbd, 0x8d, 0x33, 0xae, 0x9b,
130 0x35, 0x6f, 0x40, 0x6e, 0xfd, 0xd5, 0xb1, 0x19, 0x24, 0x19, 0x3b, 0x92,
131 0xe8, 0xf2, 0x13, 0x26, 0x02, 0x07, 0xa4, 0x57, 0xdc, 0x51, 0xac, 0x23,
132 0xd3, 0x64, 0x0b, 0x64, 0xd9, 0x94, 0x6b, 0xdd, 0xcd, 0x9b, 0x5e, 0xe5,
133 0x92, 0x71, 0x35, 0x1f, 0xc9, 0x0f, 0xd4, 0x50, 0x87, 0xb7, 0x74, 0x14,
134 0x04, 0xab, 0x8e, 0x21, 0xb2, 0x75, 0x5c, 0x27, 0x30, 0x33, 0x47, 0x8c,
135 0x06, 0xa8, 0xcb, 0x4d, 0x3f, 0x8a, 0x6a, 0xe2, 0xaa, 0x8f, 0x74, 0x37,
136 0x4a, 0xcf, 0xda, 0x24, 0x7d, 0x13, 0x60, 0x73, 0x4b, 0xca, 0xdb, 0xd9,
137 0xd0, 0x72, 0xc6, 0xb4, 0x01, 0x82, 0x49, 0x5b, 0xfb, 0xa1, 0x01, 0x80,
138 0x0c, 0x6e, 0x51, 0x58, 0xa3, 0x02, 0x81, 0x80, 0x22, 0xb4, 0x17, 0x2d,
139 0x6b, 0x24, 0xc5, 0xc2, 0xf4, 0x12, 0x98, 0x9c, 0xe9, 0x38, 0xb4, 0x6a,
140 0x22, 0xbc, 0x1f, 0x7a, 0x13, 0x37, 0x4c, 0xc4, 0x7b, 0x2a, 0x02, 0x15,
141 0x9a, 0x20, 0xed, 0x2f, 0x0f, 0xd3, 0x3a, 0x73, 0x3e, 0x71, 0xce, 0x73,
142 0x11, 0xac, 0xc8, 0x52, 0x66, 0x22, 0xde, 0xce, 0xd9, 0x03, 0x9c, 0x1e,
143 0xed, 0xd7, 0xa9, 0xce, 0xc8, 0xe5, 0xfc, 0x5d, 0x58, 0x1b, 0xf7, 0x18,
144 0x0a, 0xa6, 0xa3, 0xf0, 0x6c, 0xdd, 0x82, 0xf7, 0x2c, 0x08, 0xda, 0xb6,
145 0x61, 0x25, 0x40, 0xc8, 0xe1, 0x95, 0x61, 0x4f, 0x00, 0x78, 0xb9, 0xa1,
146 0xa6, 0xcf, 0x4b, 0xf4, 0x2c, 0x4d, 0x75, 0x99, 0x81, 0x81, 0x55, 0x57,
147 0x28, 0xfb, 0x5d, 0xe0, 0x93, 0xbc, 0xb7, 0x4d, 0x6d, 0x06, 0x19, 0xca,
148 0xbe, 0x2e, 0xe3, 0xc3, 0xc5, 0xc8, 0x6e, 0x5d, 0xe7, 0x63, 0x45, 0x1a,
149 0xcf, 0x06, 0x7b, 0xdd, 0x02, 0x81, 0x81, 0x00, 0xef, 0xc8, 0x33, 0x35,
150 0x86, 0xa1, 0x19, 0x34, 0xca, 0x6a, 0x5b, 0x43, 0x2c, 0x5b, 0x31, 0xaf,
151 0xc5, 0x0e, 0xf8, 0x12, 0x91, 0x16, 0xb9, 0x8b, 0x01, 0xf9, 0xa8, 0x9c,
152 0x5b, 0x9e, 0xbb, 0xc6, 0x8d, 0xf7, 0xe7, 0xeb, 0x6f, 0x04, 0xbe, 0xa9,
153 0x06, 0xba, 0xed, 0x9a, 0xf9, 0x6c, 0xe1, 0x3f, 0x3e, 0x27, 0x79, 0xdb,
154 0x5a, 0x8f, 0x5b, 0x4d, 0xd4, 0xd0, 0xf5, 0x2f, 0xc4, 0xaf, 0xc9, 0xc4,
155 0x44, 0x5b, 0xf1, 0xde, 0x1a, 0x91, 0xb7, 0x2b, 0x24, 0xc0, 0xed, 0xdd,
156 0xb1, 0x1f, 0x57, 0x82, 0x82, 0xd2, 0xa5, 0x58, 0x7e, 0xcd, 0x91, 0xf6,
157 0x2c, 0x46, 0xb0, 0x9b, 0xc3, 0x01, 0x2c, 0x85, 0x38, 0xba, 0x6b, 0x8c,
158 0xfc, 0x04, 0x0a, 0x8c, 0xc1, 0xde, 0x42, 0xd2, 0x14, 0x77, 0xe1, 0x1f,
159 0x58, 0xe9, 0x78, 0x63, 0x10, 0xf9, 0x7d, 0x68, 0xdb, 0xb4, 0x63, 0xa5,
160 0x58, 0x04, 0x33, 0xa5};
161
162 /* The following is the signature of the above message generated using
163 * "openssl dgst" with the above private key, using the PKCS1v1.5 signature
164 * algorithm and SHA256 hash.
165 * This should be the output of the TA, given the above key and hash.
166 */
167 unsigned char test_signature[] = {
168 0x9a, 0x89, 0x5b, 0x21, 0x8e, 0x01, 0x79, 0x59, 0x64, 0xf3, 0xbf, 0x8f,
169 0x82, 0x14, 0xe8, 0x39, 0x97, 0x96, 0x78, 0x96, 0xc1, 0xcb, 0x02, 0x91,
170 0xf2, 0xb3, 0x17, 0x7b, 0xe6, 0xaf, 0xa9, 0x67, 0x7a, 0xc1, 0x89, 0xac,
171 0x99, 0x3f, 0x6f, 0x07, 0xe4, 0x02, 0x2f, 0xc5, 0x0c, 0xb2, 0x7b, 0x2b,
172 0xb5, 0x7b, 0xba, 0x41, 0xfc, 0xf1, 0x4f, 0xc4, 0x23, 0x88, 0x52, 0xef,
173 0x0e, 0x3d, 0x35, 0x07, 0xb1, 0x70, 0x0f, 0xeb, 0x62, 0x9e, 0x6d, 0x4c,
174 0x9e, 0x22, 0x11, 0x38, 0x35, 0x75, 0xd5, 0xef, 0xd6, 0x0e, 0x38, 0xcb,
175 0xe1, 0x13, 0x1c, 0xeb, 0xfb, 0x1c, 0x1e, 0x1c, 0x9f, 0x0a, 0x33, 0x4b,
176 0x3a, 0x2c, 0x02, 0x03, 0x81, 0x74, 0x2c, 0x23, 0x2c, 0x58, 0x55, 0x14,
177 0x5c, 0xfd, 0x4d, 0x46, 0x64, 0x0d, 0x0a, 0xb3, 0x01, 0x55, 0x11, 0x5a,
178 0x2b, 0x05, 0x76, 0x50, 0xd8, 0x95, 0xd5, 0x07, 0xe6, 0x94, 0x3c, 0xef,
179 0xde, 0x87, 0x15, 0x3c, 0xf9, 0xa2, 0x06, 0xec, 0x94, 0x29, 0xf1, 0x0b,
180 0x6d, 0x06, 0xe3, 0xdf, 0xb3, 0x0b, 0xca, 0x77, 0x33, 0x59, 0xdc, 0xb7,
181 0xd9, 0x45, 0x63, 0x2e, 0xa1, 0xdf, 0xc5, 0x48, 0x7c, 0x57, 0x82, 0xe3,
182 0x34, 0x0d, 0xb6, 0xcb, 0xe0, 0xca, 0x14, 0x1d, 0x1b, 0x81, 0x93, 0x4b,
183 0xc0, 0xc8, 0x2c, 0x33, 0xd9, 0x77, 0xd6, 0x5e, 0x47, 0x2a, 0x67, 0x5f,
184 0xaa, 0xd1, 0x17, 0xe8, 0xa2, 0xe4, 0xa9, 0xac, 0xb2, 0x65, 0x49, 0x58,
185 0x57, 0x7e, 0x00, 0xa8, 0xae, 0xd4, 0x38, 0x91, 0x6c, 0xb1, 0x00, 0xa0,
186 0x4d, 0xaa, 0x1f, 0x77, 0xf3, 0x44, 0x6c, 0x81, 0xcf, 0xa5, 0x86, 0x43,
187 0x02, 0x4a, 0x67, 0x01, 0x5e, 0x7a, 0xde, 0x98, 0x90, 0x1c, 0xbf, 0xfe,
188 0xb5, 0xb1, 0x41, 0xdf, 0x2d, 0xfe, 0x80, 0x1e, 0xe2, 0x78, 0x50, 0xd0,
189 0x7b, 0xde, 0x9e, 0xb2};
190
191 /* The following function is solely for the purpose of testing. It "wraps" a key
192 * such that it can be unwrapped by the sample keybox implementation in Trusty,
193 * used when WITH_FAKE_KEYBOX is set. As warned therein:
194 *
195 * THIS DOES NOT PROVIDE ANY SECURITY
196 *
197 * This is not a useful wrapping system. This is just intended as enough to mock
198 * that:
199 * 1. The wrapped data and unwrapped data are not the same.
200 * 2. The wrapped data will fail to unwrap if it is trivially tampered with.
201 *
202 * Note this wrapping function has no error checking. It's assumed to be called
203 * correctly i.e. such that the destination buffer (wrapped_keybox) is at least
204 * one byte bigger than the source buffer (keybox_plaintext).
205 */
keybox_wrap_for_test(const uint8_t * keybox_plaintext,size_t keybox_plaintext_len,uint8_t * wrapped_keybox,size_t wrapped_keybox_buf_len,size_t * wrapped_keybox_len)206 void keybox_wrap_for_test(const uint8_t* keybox_plaintext,
207 size_t keybox_plaintext_len,
208 uint8_t* wrapped_keybox,
209 size_t wrapped_keybox_buf_len,
210 size_t* wrapped_keybox_len) {
211 /* Generate checksum */
212 uint8_t checksum = 0;
213 for (size_t i = 0; i < keybox_plaintext_len; i++) {
214 checksum ^= keybox_plaintext[i];
215 }
216
217 /* Flip bits with masking byte */
218 for (size_t i = 0; i < keybox_plaintext_len; i++) {
219 wrapped_keybox[i] = keybox_plaintext[i] ^ 0x42;
220 }
221
222 *wrapped_keybox_len = keybox_plaintext_len + 1;
223 wrapped_keybox[keybox_plaintext_len] = checksum;
224 }
225
226 typedef struct {
227 android::sp<android::RpcSession> sess;
228 android::sp<ICastAuth> srv;
229 } CastAuthTest_t;
230
CastAuthTest_SetUp(CastAuthTest_t * state)231 static void CastAuthTest_SetUp(CastAuthTest_t* state) {
232 int rc;
233 android::binder::unique_fd chan;
234 android::status_t status;
235 android::sp<android::IBinder> root;
236
237 rc = connect(ICastAuth::PORT().c_str(), IPC_CONNECT_WAIT_FOR_PORT);
238 ASSERT_GE(rc, 0);
239 chan.reset(rc);
240
241 state->sess = android::RpcSession::make(
242 android::RpcTransportCtxFactoryTipcTrusty::make());
243 ASSERT_NE(nullptr, state->sess.get());
244
245 status = state->sess->setupPreconnectedClient(
246 std::move(chan), []() { return android::binder::unique_fd(); });
247 ASSERT_EQ(android::OK, status);
248
249 root = state->sess->getRootObject();
250 ASSERT_NE(nullptr, root.get());
251
252 state->srv = ICastAuth::asInterface(root);
253 ASSERT_NE(nullptr, state->srv.get());
254
255 test_abort:;
256 }
257
CastAuthTest_TearDown(CastAuthTest_t * state)258 static void CastAuthTest_TearDown(CastAuthTest_t* state) {
259 state->srv.clear();
260 }
261
262 #if defined(WITH_FAKE_KEYBOX)
263 #define FAKE_KEYBOX_ONLY_TEST(name) name
264 #else
265 #define FAKE_KEYBOX_ONLY_TEST(name) DISABLED_##name
266 #endif
267
TEST_F(CastAuthTest,FAKE_KEYBOX_ONLY_TEST (ProvisionAndSignHash))268 TEST_F(CastAuthTest, FAKE_KEYBOX_ONLY_TEST(ProvisionAndSignHash)) {
269 std::vector<uint8_t> wrapped_keybox(test_pkcs1_der.size() + 1);
270 size_t wrapped_keybox_len;
271 keybox_wrap_for_test(test_pkcs1_der.data(), test_pkcs1_der.size(),
272 wrapped_keybox.data(), wrapped_keybox.size(),
273 &wrapped_keybox_len);
274 wrapped_keybox.resize(wrapped_keybox_len);
275
276 {
277 auto status = _state->srv->ProvisionKey(wrapped_keybox);
278 ASSERT_TRUE(status.isOk(), "ProvisionKey");
279 }
280
281 {
282 std::vector<uint8_t> signature(256);
283 auto status = _state->srv->SignHash(test_hash, &signature);
284 ASSERT_TRUE(status.isOk(), "SignHash");
285 ASSERT_EQ(signature.size(), sizeof(test_signature), "signature size");
286 for (unsigned int i = 0; i < signature.size(); ++i) {
287 EXPECT_EQ(signature[i], test_signature[i], "signature diff");
288 }
289 }
290
291 test_abort:;
292 }
293
TEST_F(CastAuthTest,ProvisionUnwrappedAndSignHash)294 TEST_F(CastAuthTest, ProvisionUnwrappedAndSignHash) {
295 {
296 auto status = _state->srv->ProvisionKey(test_pkcs1_der);
297 ASSERT_TRUE(status.isOk(), "ProvisionKey");
298 }
299
300 {
301 std::vector<uint8_t> signature(256);
302 auto status = _state->srv->SignHash(test_hash, &signature);
303 ASSERT_TRUE(status.isOk(), "SignHash");
304 ASSERT_EQ(signature.size(), sizeof(test_signature), "signature size");
305 for (unsigned int i = 0; i < signature.size(); ++i) {
306 EXPECT_EQ(signature[i], test_signature[i], "signature diff");
307 }
308 }
309
310 test_abort:;
311 }
312
313 PORT_TEST(CastAuthTest, "com.android.trusty.cast_auth.test")
314