1 /*
2 * Copyright (C) 2015 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 /*
18 * Tests:
19 * generic:
20 * - no session / invalid session
21 * - closed session
22 *
23 * hwkey:
24 * - derive twice to same result
25 * - derive different, different result
26 * - keyslot, invalid slot
27 *
28 */
29
30 #define TLOG_TAG "hwcrypto_unittest"
31
32 #include <math.h>
33 #include <stddef.h>
34 #include <stdint.h>
35 #include <stdlib.h>
36 #include <string.h>
37
38 #include <interface/hwkey/hwkey.h>
39 #include <lib/hwkey/hwkey.h>
40 #include <trusty_unittest.h>
41 #include <uapi/err.h>
42
43 #define RPMB_STORAGE_AUTH_KEY_ID "com.android.trusty.storage_auth.rpmb"
44 #define HWCRYPTO_UNITTEST_KEYBOX_ID "com.android.trusty.hwcrypto.unittest.key32"
45 #define HWCRYPTO_UNITTEST_DERIVED_KEYBOX_ID \
46 "com.android.trusty.hwcrypto.unittest.derived_key32"
47 #define HWCRYPTO_UNITTEST_OPAQUE_HANDLE_ID \
48 "com.android.trusty.hwcrypto.unittest.opaque_handle"
49 #define HWCRYPTO_UNITTEST_OPAQUE_HANDLE2_ID \
50 "com.android.trusty.hwcrypto.unittest.opaque_handle2"
51 #define HWCRYPTO_UNITTEST_OPAQUE_HANDLE_NOACCESS_ID \
52 "com.android.trusty.hwcrypto.unittest.opaque_handle_noaccess"
53 #define HWCRYPTO_UNITTEST_OPAQUE_DERIVED_ID \
54 "com.android.trusty.hwcrypto.unittest.opaque_derived"
55
56 #define STORAGE_AUTH_KEY_SIZE 32
57
58 static const uint8_t UNITTEST_KEYSLOT[] = "unittestkeyslotunittestkeyslotun";
59 static const uint8_t UNITTEST_DERIVED_KEYSLOT[] =
60 "unittestderivedkeyslotunittestde";
61 #if WITH_HWCRYPTO_UNITTEST
62 #define DISABLED_WITHOUT_HWCRYPTO_UNITTEST(name) name
63 #else
64 #pragma message \
65 "hwcrypto-unittest is built with the WITH_HWCRYPTO_UNITTEST define not enabled." \
66 "Hwkey tests will not test anything."
67 #define DISABLED_WITHOUT_HWCRYPTO_UNITTEST(name) DISABLED_##name
68 #endif
69
keys_are_sufficiently_distinct(uint8_t * buf1,size_t buf1_len,uint8_t * buf2,size_t buf2_len)70 static bool keys_are_sufficiently_distinct(uint8_t* buf1,
71 size_t buf1_len,
72 uint8_t* buf2,
73 size_t buf2_len) {
74 size_t differing_bytes = 0;
75 for (size_t i = 0; i < MIN(buf1_len, buf2_len); ++i) {
76 if (buf1[i] ^ buf2[i]) {
77 differing_bytes++;
78 }
79 }
80 return MIN(buf1_len, buf2_len) - differing_bytes <= 4;
81 }
82
83 /*
84 * Implement this hook for device specific hwkey tests
85 */
run_device_hwcrypto_unittest(void)86 __WEAK void run_device_hwcrypto_unittest(void) {}
87
TEST(hwcrypto,device_hwcrypto_unittest)88 TEST(hwcrypto, device_hwcrypto_unittest) {
89 run_device_hwcrypto_unittest();
90 }
91
92 typedef struct hwkey {
93 hwkey_session_t hwkey_session;
94 } hwkey_t;
95
TEST_F_SETUP(hwkey)96 TEST_F_SETUP(hwkey) {
97 int rc;
98
99 _state->hwkey_session = INVALID_IPC_HANDLE;
100 rc = hwkey_open();
101 ASSERT_GE(rc, 0);
102 _state->hwkey_session = (hwkey_session_t)rc;
103
104 test_abort:;
105 }
106
TEST_F_TEARDOWN(hwkey)107 TEST_F_TEARDOWN(hwkey) {
108 close(_state->hwkey_session);
109 }
110
TEST_F(hwkey,generic_invalid_session)111 TEST_F(hwkey, generic_invalid_session) {
112 const uint8_t src_data[] = "thirtytwo-bytes-of-nonsense-data";
113 static const size_t size = sizeof(src_data);
114 uint8_t dest[sizeof(src_data)];
115
116 hwkey_session_t invalid = INVALID_IPC_HANDLE;
117 uint32_t kdf_version = HWKEY_KDF_VERSION_BEST;
118
119 // should fail immediately
120 long rc = hwkey_derive(invalid, &kdf_version, src_data, dest, size);
121 EXPECT_EQ(ERR_BAD_HANDLE, rc, "generic - bad handle");
122 }
123
TEST_F(hwkey,generic_closed_session)124 TEST_F(hwkey, generic_closed_session) {
125 static const uint8_t src_data[] = "thirtytwo-bytes-of-nonsense-data";
126 static const uint32_t size = sizeof(src_data);
127 uint8_t dest[sizeof(src_data)];
128 uint32_t kdf_version = HWKEY_KDF_VERSION_BEST;
129
130 long rc = hwkey_open();
131 EXPECT_GE(rc, 0, "generic - open");
132
133 hwkey_session_t session = (hwkey_session_t)rc;
134 hwkey_close(session);
135
136 // should fail immediately
137 rc = hwkey_derive(session, &kdf_version, src_data, dest, size);
138 EXPECT_EQ(ERR_NOT_FOUND, rc, "generic - closed handle");
139 }
140
TEST_F(hwkey,derive_repeatable)141 TEST_F(hwkey, derive_repeatable) {
142 const uint8_t src_data[] = "thirtytwo-bytes-of-nonsense-data";
143 uint8_t dest[32];
144 uint8_t dest2[sizeof(dest)];
145 static const size_t size = sizeof(dest);
146 uint32_t kdf_version = HWKEY_KDF_VERSION_BEST;
147 struct hwkey_versioned_key_options versioned_args = {
148 .kdf_version = HWKEY_KDF_VERSION_BEST,
149 .rollback_version_source = HWKEY_ROLLBACK_RUNNING_VERSION,
150 .os_rollback_version = 0,
151 .context = src_data,
152 .context_len = size,
153 };
154
155 memset(dest, 0, size);
156 memset(dest2, 0, size);
157
158 /* derive key once */
159 long rc = hwkey_derive(_state->hwkey_session, &kdf_version, src_data, dest,
160 size);
161 EXPECT_EQ(NO_ERROR, rc, "derive repeatable - initial derivation");
162 EXPECT_NE(HWKEY_KDF_VERSION_BEST, kdf_version,
163 "derive repeatable - kdf version");
164
165 /* derive key again */
166 rc = hwkey_derive(_state->hwkey_session, &kdf_version, src_data, dest2,
167 size);
168 EXPECT_EQ(NO_ERROR, rc, "derive repeatable - second derivation");
169
170 /* ensure they are the same */
171 rc = memcmp(dest, dest2, size);
172 EXPECT_EQ(0, rc, "derive repeatable - equal");
173 rc = memcmp(dest, src_data, size);
174 EXPECT_NE(0, rc, "derive repeatable - same as seed");
175
176 /* derive the same key using the versioned API fallback */
177 memset(dest2, 0, size);
178 versioned_args.key = dest2;
179 versioned_args.key_len = size;
180 rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
181 EXPECT_EQ(NO_ERROR, rc, "derive repeatable - versioned API");
182
183 /* ensure they are the same */
184 rc = memcmp(dest, dest2, size);
185 EXPECT_EQ(0, rc, "derive repeatable - equal");
186
187 /* ensure that we don't derive the same key if deriving a shared key */
188 memset(dest2, 0, size);
189 versioned_args.shared_key = true;
190 rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
191 EXPECT_EQ(NO_ERROR, rc, "derive repeatable - versioned API");
192
193 rc = memcmp(dest, dest2, size);
194 EXPECT_NE(0, rc, "derive repeatable - equal");
195 EXPECT_EQ(true, keys_are_sufficiently_distinct(dest, size, dest2, size),
196 "derived keys share too many bytes");
197
198 /*
199 * ensure that we don't derive the same key if deriving a versioned,
200 * device-unique key
201 */
202 memset(dest2, 0, size);
203 versioned_args.shared_key = false;
204 versioned_args.os_rollback_version = HWKEY_ROLLBACK_VERSION_CURRENT;
205 rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
206 EXPECT_EQ(NO_ERROR, rc, "derive repeatable - versioned API");
207
208 rc = memcmp(dest, dest2, size);
209 if (versioned_args.os_rollback_version > 0) {
210 EXPECT_NE(0, rc, "derive repeatable - equal");
211 EXPECT_EQ(true, keys_are_sufficiently_distinct(dest, size, dest2, size),
212 "derived keys share too many bytes");
213 } else {
214 EXPECT_EQ(0, rc, "derive repeatable - not equal");
215 }
216 }
217
TEST_F(hwkey,derive_repeatable_versioned)218 TEST_F(hwkey, derive_repeatable_versioned) {
219 const uint8_t src_data[] = "thirtytwo-bytes-of-nonsense-data";
220 uint8_t dest[128];
221 uint8_t dest2[128];
222 static const size_t key_len = sizeof(dest);
223 long rc;
224 struct hwkey_versioned_key_options versioned_args = {
225 .kdf_version = HWKEY_KDF_VERSION_BEST,
226 .rollback_version_source = HWKEY_ROLLBACK_RUNNING_VERSION,
227 .os_rollback_version = HWKEY_ROLLBACK_VERSION_CURRENT,
228 .context = src_data,
229 .context_len = sizeof(src_data),
230 .key_len = key_len,
231 };
232
233 memset(dest, 0, key_len);
234 memset(dest2, 0, key_len);
235
236 versioned_args.key = dest;
237 rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
238 EXPECT_EQ(NO_ERROR, rc, "derive repeatable versioned - initial derivation");
239 EXPECT_NE(HWKEY_KDF_VERSION_BEST, versioned_args.kdf_version,
240 "derive repeatable versioned - kdf version");
241
242 rc = memcmp(dest, dest2, key_len);
243 EXPECT_NE(0, rc, "derive repeatable versioned - not zeroed");
244 EXPECT_NE(versioned_args.os_rollback_version,
245 HWKEY_ROLLBACK_VERSION_CURRENT,
246 "derive repeatable current version");
247
248 memset(dest2, 0, key_len);
249 versioned_args.key = dest2;
250 rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
251 EXPECT_EQ(NO_ERROR, rc, "derive repeatable versioned - second derivation");
252
253 /* ensure they are the same */
254 rc = memcmp(dest, dest2, key_len);
255 EXPECT_EQ(0, rc, "derive repeatable versioned - equal");
256 rc = memcmp(dest, src_data, sizeof(src_data));
257 EXPECT_NE(0, rc, "derive repeatable versioned - same as seed");
258
259 /* repeat for shared keys */
260 versioned_args.shared_key = true;
261 memset(dest, 0, key_len);
262 memset(dest2, 0, key_len);
263
264 versioned_args.key = dest;
265 rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
266 EXPECT_EQ(NO_ERROR, rc, "derive repeatable versioned - initial derivation");
267 EXPECT_NE(HWKEY_KDF_VERSION_BEST, versioned_args.kdf_version,
268 "derive repeatable versioned - kdf version");
269
270 rc = memcmp(dest, dest2, key_len);
271 EXPECT_NE(0, rc, "derive repeatable versioned - not zeroed");
272
273 memset(dest2, 0, key_len);
274 versioned_args.key = dest2;
275 rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
276 EXPECT_EQ(NO_ERROR, rc, "derive repeatable versioned - second derivation");
277
278 /* ensure they are the same */
279 rc = memcmp(dest, dest2, key_len);
280 EXPECT_EQ(0, rc, "derive repeatable versioned - equal");
281 rc = memcmp(dest, src_data, sizeof(src_data));
282 EXPECT_NE(0, rc, "derive repeatable versioned - same as seed");
283 }
284
TEST_F(hwkey,derive_different)285 TEST_F(hwkey, derive_different) {
286 const uint8_t src_data[] = "thirtytwo-bytes-of-nonsense-data";
287 const uint8_t src_data2[] = "thirtytwo-byt3s-of-nons3ns3-data";
288
289 uint8_t dest[32];
290 uint8_t dest2[sizeof(dest)];
291 static const uint32_t size = sizeof(dest);
292 uint32_t kdf_version = HWKEY_KDF_VERSION_BEST;
293
294 memset(dest, 0, size);
295 memset(dest2, 0, size);
296
297 /* derive key once */
298 long rc = hwkey_derive(_state->hwkey_session, &kdf_version, src_data, dest,
299 size);
300 EXPECT_EQ(NO_ERROR, rc, "derive not repeatable - initial derivation");
301 EXPECT_NE(HWKEY_KDF_VERSION_BEST, kdf_version,
302 "derive not repeatable - kdf version");
303
304 /* derive key again, with different source data */
305 rc = hwkey_derive(_state->hwkey_session, &kdf_version, src_data2, dest2,
306 size);
307 EXPECT_EQ(NO_ERROR, rc, "derive not repeatable - second derivation");
308
309 /* ensure they are not the same */
310 rc = memcmp(dest, dest2, size);
311 EXPECT_NE(0, rc, "derive not repeatable - equal");
312 rc = memcmp(dest, src_data, size);
313 EXPECT_NE(0, rc, "derive not repeatable - equal to source");
314 rc = memcmp(dest2, src_data2, size);
315 EXPECT_NE(0, rc, "derive not repeatable - equal to source");
316
317 EXPECT_EQ(true, keys_are_sufficiently_distinct(dest, size, dest2, size),
318 "derived keys share too many bytes");
319 }
320
TEST_F(hwkey,derive_different_versioned)321 TEST_F(hwkey, derive_different_versioned) {
322 const uint8_t src_data[] = "thirtytwo-bytes-of-nonsense-data";
323 const uint8_t src_data2[] = "thirtytwo-byt3s-of-nons3ns3-data";
324
325 uint8_t dest[32];
326 uint8_t dest2[sizeof(dest)];
327 uint8_t dest_shared[sizeof(dest)];
328 uint8_t dest_shared2[sizeof(dest)];
329 static const uint32_t size = sizeof(dest);
330 long rc;
331 struct hwkey_versioned_key_options versioned_args;
332
333 memset(dest, 0, size);
334 memset(dest2, 0, size);
335 memset(dest_shared, 0, size);
336 memset(dest_shared2, 0, size);
337
338 versioned_args = (struct hwkey_versioned_key_options){
339 .kdf_version = HWKEY_KDF_VERSION_BEST,
340 .rollback_version_source = HWKEY_ROLLBACK_RUNNING_VERSION,
341 .os_rollback_version = HWKEY_ROLLBACK_VERSION_CURRENT,
342 .context = src_data,
343 .context_len = sizeof(src_data),
344 .shared_key = false,
345 .key = dest,
346 .key_len = sizeof(dest),
347 };
348 rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
349 EXPECT_EQ(NO_ERROR, rc,
350 "derive not repeatable versioned - initial derivation");
351 EXPECT_NE(HWKEY_KDF_VERSION_BEST, versioned_args.kdf_version,
352 "derive not repeatable versioned - kdf version");
353
354 /* derive with the same input but an older OS version */
355 if (versioned_args.os_rollback_version >= 1) {
356 versioned_args = (struct hwkey_versioned_key_options){
357 .kdf_version = HWKEY_KDF_VERSION_BEST,
358 .rollback_version_source = HWKEY_ROLLBACK_RUNNING_VERSION,
359 .os_rollback_version = versioned_args.os_rollback_version - 1,
360 .context = src_data,
361 .context_len = sizeof(src_data),
362 .shared_key = false,
363 .key = dest2,
364 .key_len = sizeof(dest2),
365 };
366 rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
367 EXPECT_EQ(NO_ERROR, rc,
368 "derive not repeatable versioned - second derivation");
369
370 /* ensure they are not the same */
371 rc = memcmp(dest, dest2, size);
372 EXPECT_NE(0, rc, "derive not repeatable - equal");
373 rc = memcmp(dest, src_data, size);
374 EXPECT_NE(0, rc, "derive not repeatable - equal to source");
375 rc = memcmp(dest2, src_data2, size);
376 EXPECT_NE(0, rc, "derive not repeatable - equal to source");
377
378 EXPECT_EQ(true, keys_are_sufficiently_distinct(dest, size, dest2, size),
379 "derived keys share too many bytes");
380 }
381
382 /* derive with different input */
383 memset(dest2, 0, size);
384 versioned_args = (struct hwkey_versioned_key_options){
385 .kdf_version = HWKEY_KDF_VERSION_BEST,
386 .rollback_version_source = HWKEY_ROLLBACK_RUNNING_VERSION,
387 .os_rollback_version = HWKEY_ROLLBACK_VERSION_CURRENT,
388 .context = src_data2,
389 .context_len = sizeof(src_data2),
390 .shared_key = false,
391 .key = dest2,
392 .key_len = sizeof(dest2),
393 };
394 rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
395 EXPECT_EQ(NO_ERROR, rc,
396 "derive not repeatable versioned - second derivation");
397
398 /* ensure they are not the same */
399 rc = memcmp(dest, dest2, size);
400 EXPECT_NE(0, rc, "derive not repeatable - equal");
401 rc = memcmp(dest, src_data, size);
402 EXPECT_NE(0, rc, "derive not repeatable - equal to source");
403 rc = memcmp(dest2, src_data2, size);
404 EXPECT_NE(0, rc, "derive not repeatable - equal to source");
405
406 EXPECT_EQ(true, keys_are_sufficiently_distinct(dest, size, dest2, size),
407 "derived keys share too many bytes");
408
409 /* derive a shared key from the same input and ensure different */
410 versioned_args = (struct hwkey_versioned_key_options){
411 .kdf_version = HWKEY_KDF_VERSION_BEST,
412 .rollback_version_source = HWKEY_ROLLBACK_RUNNING_VERSION,
413 .os_rollback_version = HWKEY_ROLLBACK_VERSION_CURRENT,
414 .context = src_data,
415 .context_len = sizeof(src_data),
416 .shared_key = true,
417 .key = dest_shared,
418 .key_len = sizeof(dest_shared),
419 };
420 rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
421 EXPECT_EQ(NO_ERROR, rc,
422 "derive not repeatable versioned - second derivation");
423
424 /* ensure they are not the same */
425 rc = memcmp(dest, dest_shared, size);
426 EXPECT_NE(0, rc, "derive not repeatable - equal");
427 rc = memcmp(dest2, dest_shared, size);
428 EXPECT_NE(0, rc, "derive not repeatable - equal");
429 rc = memcmp(dest_shared, src_data, size);
430 EXPECT_NE(0, rc, "derive not repeatable - equal to source");
431
432 EXPECT_EQ(true,
433 keys_are_sufficiently_distinct(dest, size, dest_shared, size),
434 "derived keys share too many bytes");
435 EXPECT_EQ(true,
436 keys_are_sufficiently_distinct(dest2, size, dest_shared, size),
437 "derived keys share too many bytes");
438
439 /* shared key, different input */
440 versioned_args = (struct hwkey_versioned_key_options){
441 .kdf_version = HWKEY_KDF_VERSION_BEST,
442 .rollback_version_source = HWKEY_ROLLBACK_RUNNING_VERSION,
443 .os_rollback_version = HWKEY_ROLLBACK_VERSION_CURRENT,
444 .context = src_data2,
445 .context_len = sizeof(src_data2),
446 .shared_key = true,
447 .key = dest_shared2,
448 .key_len = sizeof(dest_shared2),
449 };
450 rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
451 EXPECT_EQ(NO_ERROR, rc,
452 "derive not repeatable versioned - second derivation");
453
454 /* ensure they are not the same */
455 rc = memcmp(dest, dest_shared2, size);
456 EXPECT_NE(0, rc, "derive not repeatable - equal");
457 rc = memcmp(dest2, dest_shared2, size);
458 EXPECT_NE(0, rc, "derive not repeatable - equal");
459 rc = memcmp(dest_shared, dest_shared2, size);
460 EXPECT_NE(0, rc, "derive not repeatable - equal");
461 rc = memcmp(dest_shared2, src_data, size);
462 EXPECT_NE(0, rc, "derive not repeatable - equal to source");
463
464 EXPECT_EQ(true,
465 keys_are_sufficiently_distinct(dest, size, dest_shared, size),
466 "derived keys share too many bytes");
467 EXPECT_EQ(true,
468 keys_are_sufficiently_distinct(dest2, size, dest_shared, size),
469 "derived keys share too many bytes");
470 EXPECT_EQ(true,
471 keys_are_sufficiently_distinct(dest_shared, size, dest_shared2,
472 size),
473 "derived keys share too many bytes");
474
475 /* derive a shared key with the same input but an older OS version */
476 if (versioned_args.os_rollback_version >= 1) {
477 versioned_args = (struct hwkey_versioned_key_options){
478 .kdf_version = HWKEY_KDF_VERSION_BEST,
479 .rollback_version_source = HWKEY_ROLLBACK_RUNNING_VERSION,
480 .os_rollback_version = versioned_args.os_rollback_version - 1,
481 .context = src_data,
482 .context_len = sizeof(src_data),
483 .shared_key = true,
484 .key = dest_shared2,
485 .key_len = sizeof(dest_shared2),
486 };
487 rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
488 EXPECT_EQ(NO_ERROR, rc,
489 "derive not repeatable versioned - second derivation");
490
491 /* ensure they are not the same */
492 rc = memcmp(dest, dest_shared2, size);
493 EXPECT_NE(0, rc, "derive not repeatable - equal");
494 rc = memcmp(dest2, dest_shared2, size);
495 EXPECT_NE(0, rc, "derive not repeatable - equal");
496 rc = memcmp(dest_shared, dest_shared2, size);
497 EXPECT_NE(0, rc, "derive not repeatable - equal");
498 rc = memcmp(dest_shared2, src_data, size);
499 EXPECT_NE(0, rc, "derive not repeatable - equal to source");
500
501 EXPECT_EQ(true,
502 keys_are_sufficiently_distinct(dest, size, dest_shared, size),
503 "derived keys share too many bytes");
504 EXPECT_EQ(
505 true,
506 keys_are_sufficiently_distinct(dest2, size, dest_shared, size),
507 "derived keys share too many bytes");
508 EXPECT_EQ(true,
509 keys_are_sufficiently_distinct(dest_shared, size,
510 dest_shared2, size),
511 "derived keys share too many bytes");
512 }
513 }
514
TEST_F(hwkey,derive_different_version_source)515 TEST_F(hwkey, derive_different_version_source) {
516 const uint8_t src_data[] = "thirtytwo-bytes-of-nonsense-data";
517
518 uint8_t dest[32];
519 uint8_t dest2[sizeof(dest)];
520 uint8_t dest_shared[sizeof(dest)];
521 uint8_t dest_shared2[sizeof(dest)];
522 static const uint32_t size = sizeof(dest);
523 long rc;
524 struct hwkey_versioned_key_options versioned_args;
525
526 memset(dest, 0, size);
527 memset(dest2, 0, size);
528 memset(dest_shared, 0, size);
529 memset(dest_shared2, 0, size);
530
531 /* derive with current committed version */
532 versioned_args = (struct hwkey_versioned_key_options){
533 .kdf_version = HWKEY_KDF_VERSION_BEST,
534 .rollback_version_source = HWKEY_ROLLBACK_COMMITTED_VERSION,
535 .os_rollback_version = HWKEY_ROLLBACK_VERSION_CURRENT,
536 .context = src_data,
537 .context_len = sizeof(src_data),
538 .shared_key = false,
539 .key = dest,
540 .key_len = sizeof(dest),
541 };
542 rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
543 EXPECT_EQ(NO_ERROR, rc,
544 "derive not repeatable versioned - initial derivation");
545 EXPECT_NE(HWKEY_KDF_VERSION_BEST, versioned_args.kdf_version,
546 "derive not repeatable versioned - kdf version");
547
548 /*
549 * derive with the same input and rollback version but a different version
550 * source
551 */
552 versioned_args = (struct hwkey_versioned_key_options){
553 .kdf_version = HWKEY_KDF_VERSION_BEST,
554 .rollback_version_source = HWKEY_ROLLBACK_RUNNING_VERSION,
555 .os_rollback_version = versioned_args.os_rollback_version,
556 .context = src_data,
557 .context_len = sizeof(src_data),
558 .shared_key = false,
559 .key = dest2,
560 .key_len = sizeof(dest2),
561 };
562 rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
563 EXPECT_EQ(NO_ERROR, rc,
564 "derive not repeatable versioned - different source");
565
566 if (versioned_args.os_rollback_version > 0) {
567 /* not backwards compatible derivation */
568 rc = memcmp(dest, dest2, size);
569 EXPECT_NE(0, rc, "derive not repeatable - equal");
570 rc = memcmp(dest, src_data, size);
571 EXPECT_NE(0, rc, "derive not repeatable - equal to source");
572
573 EXPECT_EQ(true, keys_are_sufficiently_distinct(dest, size, dest2, size),
574 "derived keys share too many bytes");
575 } else {
576 /* backwards compatible derivation, should be the same */
577 rc = memcmp(dest, dest2, size);
578 EXPECT_EQ(0, rc, "derive not repeatable - not equal");
579 }
580
581 /* derive shared key with 0 committed version */
582 versioned_args = (struct hwkey_versioned_key_options){
583 .kdf_version = HWKEY_KDF_VERSION_BEST,
584 .rollback_version_source = HWKEY_ROLLBACK_COMMITTED_VERSION,
585 .os_rollback_version = 0,
586 .context = src_data,
587 .context_len = sizeof(src_data),
588 .shared_key = true,
589 .key = dest_shared,
590 .key_len = sizeof(dest_shared),
591 };
592 rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
593 EXPECT_EQ(NO_ERROR, rc,
594 "derive not repeatable versioned - initial derivation");
595
596 /* ensure they are not the same */
597 rc = memcmp(dest, dest_shared, size);
598 EXPECT_NE(0, rc, "derive not repeatable - equal");
599 rc = memcmp(dest2, dest_shared, size);
600 EXPECT_NE(0, rc, "derive not repeatable - equal");
601 rc = memcmp(dest_shared, src_data, size);
602 EXPECT_NE(0, rc, "derive not repeatable - equal to source");
603
604 EXPECT_EQ(true,
605 keys_are_sufficiently_distinct(dest, size, dest_shared, size),
606 "derived keys share too many bytes");
607 EXPECT_EQ(true,
608 keys_are_sufficiently_distinct(dest2, size, dest_shared, size),
609 "derived keys share too many bytes");
610
611 /* derive shared key with 0 running version */
612 versioned_args = (struct hwkey_versioned_key_options){
613 .kdf_version = HWKEY_KDF_VERSION_BEST,
614 .rollback_version_source = HWKEY_ROLLBACK_RUNNING_VERSION,
615 .os_rollback_version = 0,
616 .context = src_data,
617 .context_len = sizeof(src_data),
618 .shared_key = true,
619 .key = dest_shared2,
620 .key_len = sizeof(dest_shared2),
621 };
622 rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
623 EXPECT_EQ(NO_ERROR, rc,
624 "derive not repeatable versioned - initial derivation");
625
626 /* ensure they are not the same */
627 rc = memcmp(dest, dest_shared2, size);
628 EXPECT_NE(0, rc, "derive not repeatable - equal");
629 rc = memcmp(dest2, dest_shared2, size);
630 EXPECT_NE(0, rc, "derive not repeatable - equal");
631 rc = memcmp(dest_shared, dest_shared2, size);
632 EXPECT_NE(0, rc, "derive not repeatable - equal");
633 rc = memcmp(dest_shared2, src_data, size);
634 EXPECT_NE(0, rc, "derive not repeatable - equal to source");
635
636 EXPECT_EQ(true,
637 keys_are_sufficiently_distinct(dest, size, dest_shared2, size),
638 "derived keys share too many bytes");
639 EXPECT_EQ(true,
640 keys_are_sufficiently_distinct(dest2, size, dest_shared2, size),
641 "derived keys share too many bytes");
642 EXPECT_EQ(true,
643 keys_are_sufficiently_distinct(dest_shared, size, dest_shared2,
644 size),
645 "derived keys share too many bytes");
646 }
647
TEST_F(hwkey,derive_zero_length)648 TEST_F(hwkey, derive_zero_length) {
649 static const uint32_t size = 0;
650 const uint8_t* src_data = NULL;
651 uint8_t* dest = NULL;
652 uint32_t kdf_version = HWKEY_KDF_VERSION_BEST;
653
654 /* derive key once */
655 long rc = hwkey_derive(_state->hwkey_session, &kdf_version, src_data, dest,
656 size);
657 EXPECT_EQ(ERR_NOT_VALID, rc, "derive zero length");
658 }
659
TEST_F(hwkey,derive_version_query)660 TEST_F(hwkey, derive_version_query) {
661 struct hwkey_versioned_key_options versioned_args = {
662 .kdf_version = HWKEY_KDF_VERSION_BEST,
663 .rollback_version_source = HWKEY_ROLLBACK_RUNNING_VERSION,
664 .os_rollback_version = HWKEY_ROLLBACK_VERSION_CURRENT,
665 .context = NULL,
666 .context_len = 0,
667 .key = NULL,
668 .key_len = 0,
669 };
670
671 /* NULL key and context can be used to query the current rollback version */
672 long rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
673 EXPECT_EQ(NO_ERROR, rc, "versioned derive with zero length");
674 EXPECT_NE(HWKEY_ROLLBACK_VERSION_CURRENT,
675 versioned_args.os_rollback_version,
676 "running rollback version not updated");
677
678 versioned_args.rollback_version_source = HWKEY_ROLLBACK_COMMITTED_VERSION;
679 versioned_args.os_rollback_version = HWKEY_ROLLBACK_VERSION_CURRENT;
680 rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
681 EXPECT_EQ(NO_ERROR, rc, "versioned derive with zero length");
682 EXPECT_NE(HWKEY_ROLLBACK_VERSION_CURRENT,
683 versioned_args.os_rollback_version,
684 "running rollback version not updated");
685
686 versioned_args.key_len = 42;
687 rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
688 EXPECT_EQ(ERR_NOT_VALID, rc,
689 "versioned derive with null key but non-zero length");
690 }
691
TEST_F(hwkey,derive_null_context)692 TEST_F(hwkey, derive_null_context) {
693 uint8_t key[32];
694 struct hwkey_versioned_key_options versioned_args = {
695 .kdf_version = HWKEY_KDF_VERSION_BEST,
696 .rollback_version_source = HWKEY_ROLLBACK_RUNNING_VERSION,
697 .os_rollback_version = HWKEY_ROLLBACK_VERSION_CURRENT,
698 .context = NULL,
699 .context_len = 0,
700 .key = key,
701 .key_len = sizeof(key),
702 };
703
704 long rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
705 EXPECT_NE(NO_ERROR, rc, "versioned derive with empty context");
706
707 versioned_args.context_len = 42;
708 rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
709 EXPECT_EQ(ERR_NOT_VALID, rc,
710 "versioned derive with null context but non-zero length");
711 }
712
TEST_F(hwkey,derive_newer_versions)713 TEST_F(hwkey, derive_newer_versions) {
714 uint8_t key[32];
715 long rc;
716 struct hwkey_versioned_key_options versioned_args;
717
718 versioned_args = (struct hwkey_versioned_key_options){
719 .kdf_version = HWKEY_KDF_VERSION_BEST,
720 .rollback_version_source = HWKEY_ROLLBACK_RUNNING_VERSION,
721 .os_rollback_version = HWKEY_ROLLBACK_VERSION_CURRENT,
722 };
723 rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
724 EXPECT_EQ(NO_ERROR, rc, "versioned derive query failed");
725
726 /* request a newer version */
727
728 versioned_args = (struct hwkey_versioned_key_options){
729 .kdf_version = HWKEY_KDF_VERSION_BEST,
730 .rollback_version_source = HWKEY_ROLLBACK_RUNNING_VERSION,
731 .os_rollback_version = versioned_args.os_rollback_version + 1,
732 .key = key,
733 .key_len = sizeof(key),
734 };
735 rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
736 EXPECT_NE(NO_ERROR, rc, "versioned derive with too new running version");
737
738 /* query committed version */
739 versioned_args = (struct hwkey_versioned_key_options){
740 .kdf_version = HWKEY_KDF_VERSION_BEST,
741 .rollback_version_source = HWKEY_ROLLBACK_COMMITTED_VERSION,
742 .os_rollback_version = HWKEY_ROLLBACK_VERSION_CURRENT,
743 };
744 rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
745 EXPECT_EQ(NO_ERROR, rc, "versioned derive query failed");
746
747 /* request a newer version */
748 versioned_args = (struct hwkey_versioned_key_options){
749 .kdf_version = HWKEY_KDF_VERSION_BEST,
750 .rollback_version_source = HWKEY_ROLLBACK_COMMITTED_VERSION,
751 .os_rollback_version = versioned_args.os_rollback_version + 1,
752 .key = key,
753 .key_len = sizeof(key),
754 };
755 rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
756 EXPECT_NE(NO_ERROR, rc, "versioned derive with too new committed version");
757
758 /* try a very large version */
759 versioned_args = (struct hwkey_versioned_key_options){
760 .kdf_version = HWKEY_KDF_VERSION_BEST,
761 .rollback_version_source = HWKEY_ROLLBACK_COMMITTED_VERSION,
762 .os_rollback_version = INT32_MAX,
763 .key = key,
764 .key_len = sizeof(key),
765 };
766 rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
767 EXPECT_NE(NO_ERROR, rc, "versioned derive with far too large version");
768 }
769
TEST_F(hwkey,derive_large_payload)770 TEST_F(hwkey, derive_large_payload) {
771 const size_t max_payload_size =
772 HWKEY_MAX_MSG_SIZE - sizeof(struct hwkey_derive_versioned_msg);
773 uint8_t context[HWKEY_MAX_MSG_SIZE];
774 uint8_t key[HWKEY_MAX_MSG_SIZE];
775 long rc;
776 struct hwkey_versioned_key_options versioned_args = {
777 .kdf_version = HWKEY_KDF_VERSION_BEST,
778 .rollback_version_source = HWKEY_ROLLBACK_RUNNING_VERSION,
779 .os_rollback_version = HWKEY_ROLLBACK_VERSION_CURRENT,
780 .context = context,
781 .context_len = 128,
782 .key = key,
783 .key_len = 128,
784 };
785
786 rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
787 EXPECT_EQ(NO_ERROR, rc, "versioned derive with large context and key");
788
789 versioned_args.context_len = max_payload_size + 1;
790 rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
791 EXPECT_EQ(ERR_BAD_LEN, rc, "versioned derive with too large context");
792
793 versioned_args.context_len = 128;
794 versioned_args.key_len = max_payload_size + 1;
795 rc = hwkey_derive_versioned(_state->hwkey_session, &versioned_args);
796 EXPECT_EQ(ERR_BAD_LEN, rc, "versioned derive with too large key");
797 }
798
TEST_F(hwkey,get_storage_auth)799 TEST_F(hwkey, get_storage_auth) {
800 uint32_t actual_size = STORAGE_AUTH_KEY_SIZE;
801 uint8_t storage_auth_key[STORAGE_AUTH_KEY_SIZE];
802 long rc = hwkey_get_keyslot_data(_state->hwkey_session,
803 RPMB_STORAGE_AUTH_KEY_ID, storage_auth_key,
804 &actual_size);
805 EXPECT_EQ(ERR_NOT_FOUND, rc, "auth key accessible when it shouldn't be");
806 }
807
TEST_F(hwkey,get_keybox)808 TEST_F(hwkey, get_keybox) {
809 uint8_t dest[sizeof(HWCRYPTO_UNITTEST_KEYBOX_ID)];
810 uint32_t actual_size = sizeof(dest);
811 long rc = hwkey_get_keyslot_data(_state->hwkey_session,
812 HWCRYPTO_UNITTEST_KEYBOX_ID, dest,
813 &actual_size);
814
815 #if WITH_HWCRYPTO_UNITTEST
816 EXPECT_EQ(NO_ERROR, rc, "get hwcrypto-unittest keybox");
817 rc = memcmp(UNITTEST_KEYSLOT, dest, sizeof(UNITTEST_KEYSLOT) - 1);
818 EXPECT_EQ(0, rc, "get storage auth key invalid");
819 #else
820 EXPECT_EQ(ERR_NOT_FOUND, rc, "get hwcrypto-unittest keybox");
821 #endif
822 }
823
824 /*
825 * The derived key slot should return UNITTEST_DERIVED_KEYSLOT after decrypting
826 * it with the UNITTEST_KEYSLOT key.
827 */
TEST_F(hwkey,get_derived_keybox)828 TEST_F(hwkey, get_derived_keybox) {
829 uint8_t dest[sizeof(UNITTEST_DERIVED_KEYSLOT) - 1];
830 uint32_t actual_size = sizeof(dest);
831 long rc = hwkey_get_keyslot_data(_state->hwkey_session,
832 HWCRYPTO_UNITTEST_DERIVED_KEYBOX_ID, dest,
833 &actual_size);
834
835 #if WITH_HWCRYPTO_UNITTEST
836 EXPECT_EQ(NO_ERROR, rc, "get hwcrypto-unittest derived keybox");
837 rc = memcmp(UNITTEST_DERIVED_KEYSLOT, dest,
838 sizeof(UNITTEST_DERIVED_KEYSLOT) - 1);
839 EXPECT_EQ(0, rc, "get derived invalid");
840 #else
841 EXPECT_EQ(ERR_NOT_FOUND, rc, "get hwcrypto-unittest derived keybox");
842 #endif
843 }
844
TEST_F(hwkey,get_opaque_handle)845 TEST_F(hwkey, get_opaque_handle) {
846 uint8_t dest[HWKEY_OPAQUE_HANDLE_MAX_SIZE] = {0};
847 uint32_t actual_size = sizeof(dest);
848 long rc = hwkey_get_keyslot_data(_state->hwkey_session,
849 HWCRYPTO_UNITTEST_OPAQUE_HANDLE_ID, dest,
850 &actual_size);
851 #if WITH_HWCRYPTO_UNITTEST
852 EXPECT_EQ(NO_ERROR, rc, "get hwcrypto-unittest opaque keybox");
853 EXPECT_LE(actual_size, HWKEY_OPAQUE_HANDLE_MAX_SIZE);
854
855 rc = strnlen((const char*)dest, HWKEY_OPAQUE_HANDLE_MAX_SIZE);
856 EXPECT_LT(rc, HWKEY_OPAQUE_HANDLE_MAX_SIZE,
857 "opaque handle is unexpected size");
858 #else
859 EXPECT_EQ(ERR_NOT_FOUND, rc, "hwcrypto-unittest not enabled");
860 #endif
861 }
862
863 /* The following tests require hwcrpyto-unittest to do anything useful. */
864
TEST_F(hwkey,DISABLED_WITHOUT_HWCRYPTO_UNITTEST (get_opaque_key))865 TEST_F(hwkey, DISABLED_WITHOUT_HWCRYPTO_UNITTEST(get_opaque_key)) {
866 uint8_t handle[HWKEY_OPAQUE_HANDLE_MAX_SIZE] = {0};
867 uint32_t actual_size = sizeof(handle);
868 long rc = hwkey_get_keyslot_data(_state->hwkey_session,
869 HWCRYPTO_UNITTEST_OPAQUE_HANDLE_ID, handle,
870 &actual_size);
871
872 EXPECT_EQ(NO_ERROR, rc, "get hwcrypto-unittest opaque keybox");
873 EXPECT_LE(actual_size, HWKEY_OPAQUE_HANDLE_MAX_SIZE);
874 rc = strnlen((const char*)handle, HWKEY_OPAQUE_HANDLE_MAX_SIZE);
875 EXPECT_LT(rc, HWKEY_OPAQUE_HANDLE_MAX_SIZE,
876 "Unexpected opaque handle size");
877
878 uint8_t key_buf[sizeof(UNITTEST_KEYSLOT) - 1] = {0};
879 actual_size = sizeof(key_buf);
880 rc = hwkey_get_keyslot_data(_state->hwkey_session, (const char*)handle,
881 key_buf, &actual_size);
882 EXPECT_EQ(NO_ERROR, rc, "get hwcrypto-unittest opaque key failed");
883
884 rc = memcmp(UNITTEST_KEYSLOT, key_buf, sizeof(UNITTEST_KEYSLOT) - 1);
885 EXPECT_EQ(0, rc, "opaque key did not match expected value");
886 }
887
TEST_F(hwkey,DISABLED_WITHOUT_HWCRYPTO_UNITTEST (get_multiple_opaque_handles))888 TEST_F(hwkey, DISABLED_WITHOUT_HWCRYPTO_UNITTEST(get_multiple_opaque_handles)) {
889 uint8_t handle1[HWKEY_OPAQUE_HANDLE_MAX_SIZE] = {0};
890 uint32_t actual_size = sizeof(handle1);
891 long rc = hwkey_get_keyslot_data(_state->hwkey_session,
892 HWCRYPTO_UNITTEST_OPAQUE_HANDLE_ID,
893 handle1, &actual_size);
894 EXPECT_EQ(NO_ERROR, rc, "get hwcrypto-unittest opaque keybox");
895 EXPECT_LE(actual_size, HWKEY_OPAQUE_HANDLE_MAX_SIZE);
896
897 uint8_t handle2[HWKEY_OPAQUE_HANDLE_MAX_SIZE] = {0};
898 actual_size = sizeof(handle2);
899 rc = hwkey_get_keyslot_data(_state->hwkey_session,
900 HWCRYPTO_UNITTEST_OPAQUE_HANDLE_NOACCESS_ID,
901 handle2, &actual_size);
902 EXPECT_EQ(NO_ERROR, rc, "get hwcrypto-unittest opaque keybox");
903 EXPECT_LE(actual_size, HWKEY_OPAQUE_HANDLE_MAX_SIZE);
904
905 rc = memcmp(handle1, handle2, HWKEY_OPAQUE_HANDLE_MAX_SIZE);
906 EXPECT_NE(0, rc, "opaque handles should not be the same");
907
908 uint8_t key_buf[sizeof(UNITTEST_KEYSLOT)] = {0};
909 actual_size = sizeof(key_buf);
910 rc = hwkey_get_keyslot_data(_state->hwkey_session, (const char*)handle1,
911 key_buf, &actual_size);
912 EXPECT_EQ(NO_ERROR, rc, "handle was not valid");
913 EXPECT_EQ(actual_size, sizeof(UNITTEST_KEYSLOT) - 1, "wrong key length");
914 rc = memcmp(UNITTEST_KEYSLOT, key_buf, sizeof(UNITTEST_KEYSLOT) - 1);
915 EXPECT_EQ(0, rc, "opaque key did not match expected value");
916
917 /* we are not allowed to retrieve key material for the NOACCESS handle */
918 memset(key_buf, 0, sizeof(UNITTEST_KEYSLOT));
919 actual_size = sizeof(key_buf);
920 rc = hwkey_get_keyslot_data(_state->hwkey_session, (const char*)handle2,
921 key_buf, &actual_size);
922 EXPECT_EQ(ERR_NOT_FOUND, rc,
923 "should not be able to retrieve key for second handle");
924
925 /*
926 * We need to reconnect to ensure that the tokens have been dropped and
927 * cleared.
928 */
929 hwkey_close(_state->hwkey_session);
930 int new_sess = hwkey_open();
931 ASSERT_GE(new_sess, 0);
932 _state->hwkey_session = (hwkey_session_t)new_sess;
933
934 /* Has the keyslot data been cleared? */
935 memset(key_buf, 0, sizeof(UNITTEST_KEYSLOT));
936 actual_size = sizeof(key_buf);
937 rc = hwkey_get_keyslot_data(_state->hwkey_session, (const char*)handle1,
938 key_buf, &actual_size);
939 EXPECT_EQ(ERR_NOT_FOUND, rc, "handle was still valid");
940
941 actual_size = sizeof(key_buf);
942 rc = hwkey_get_keyslot_data(_state->hwkey_session, (const char*)handle2,
943 key_buf, &actual_size);
944 EXPECT_EQ(ERR_NOT_FOUND, rc, "handle was still valid");
945
946 test_abort:;
947 }
948
949 /*
950 * Make sure that attempting to get the same handle from multiple concurrent
951 * sessions doesn't break things.
952 */
TEST_F(hwkey,DISABLED_WITHOUT_HWCRYPTO_UNITTEST (opaque_handle_multiple_sessions))953 TEST_F(hwkey,
954 DISABLED_WITHOUT_HWCRYPTO_UNITTEST(opaque_handle_multiple_sessions)) {
955 uint8_t handle1[HWKEY_OPAQUE_HANDLE_MAX_SIZE] = {0};
956 uint32_t actual_size = sizeof(handle1);
957 long rc = hwkey_get_keyslot_data(_state->hwkey_session,
958 HWCRYPTO_UNITTEST_OPAQUE_HANDLE_ID,
959 handle1, &actual_size);
960 EXPECT_EQ(NO_ERROR, rc, "get hwcrypto-unittest opaque keybox");
961 EXPECT_LE(actual_size, HWKEY_OPAQUE_HANDLE_MAX_SIZE);
962
963 int new_sess = hwkey_open();
964 ASSERT_GE(new_sess, 0);
965
966 uint8_t handle2[HWKEY_OPAQUE_HANDLE_MAX_SIZE] = {0};
967 actual_size = sizeof(handle2);
968 rc = hwkey_get_keyslot_data(new_sess, HWCRYPTO_UNITTEST_OPAQUE_HANDLE_ID,
969 handle2, &actual_size);
970 EXPECT_EQ(ERR_ALREADY_EXISTS, rc, "retrieve same handle twice");
971
972 /* Fetch a new handle with a different keyslot from the second session */
973 actual_size = sizeof(handle2);
974 rc = hwkey_get_keyslot_data(new_sess, HWCRYPTO_UNITTEST_OPAQUE_HANDLE2_ID,
975 handle2, &actual_size);
976 EXPECT_EQ(NO_ERROR, rc, "get hwcrypto-unittest opaque keybox");
977 EXPECT_LE(actual_size, HWKEY_OPAQUE_HANDLE_MAX_SIZE);
978
979 uint8_t key_buf[sizeof(UNITTEST_KEYSLOT)] = {0};
980
981 /* Fetch the keys via the first session */
982 actual_size = sizeof(key_buf);
983 rc = hwkey_get_keyslot_data(_state->hwkey_session, (const char*)handle1,
984 key_buf, &actual_size);
985 EXPECT_EQ(NO_ERROR, rc, "handle was not valid");
986 EXPECT_EQ(actual_size, sizeof(UNITTEST_KEYSLOT) - 1, "wrong key length");
987 rc = memcmp(UNITTEST_KEYSLOT, key_buf, sizeof(UNITTEST_KEYSLOT) - 1);
988 EXPECT_EQ(0, rc, "opaque key did not match expected value");
989
990 memset(key_buf, 0, sizeof(UNITTEST_KEYSLOT));
991 actual_size = sizeof(key_buf);
992 rc = hwkey_get_keyslot_data(_state->hwkey_session, (const char*)handle2,
993 key_buf, &actual_size);
994 EXPECT_EQ(NO_ERROR, rc, "handle was not valid");
995 EXPECT_EQ(actual_size, sizeof(UNITTEST_KEYSLOT) - 1, "wrong key length");
996 rc = memcmp(UNITTEST_KEYSLOT, key_buf, sizeof(UNITTEST_KEYSLOT) - 1);
997 EXPECT_EQ(0, rc, "opaque key did not match expected value");
998
999 /* Fetch the same key via the second session */
1000 memset(key_buf, 0, sizeof(UNITTEST_KEYSLOT));
1001 actual_size = sizeof(key_buf);
1002 rc = hwkey_get_keyslot_data(new_sess, (const char*)handle1, key_buf,
1003 &actual_size);
1004 EXPECT_EQ(NO_ERROR, rc, "handle was not valid");
1005 EXPECT_EQ(actual_size, sizeof(UNITTEST_KEYSLOT) - 1, "wrong key length");
1006 rc = memcmp(UNITTEST_KEYSLOT, key_buf, sizeof(UNITTEST_KEYSLOT) - 1);
1007 EXPECT_EQ(0, rc, "opaque key did not match expected value");
1008
1009 memset(key_buf, 0, sizeof(UNITTEST_KEYSLOT));
1010 actual_size = sizeof(key_buf);
1011 rc = hwkey_get_keyslot_data(new_sess, (const char*)handle2, key_buf,
1012 &actual_size);
1013 EXPECT_EQ(NO_ERROR, rc, "handle was not valid");
1014 EXPECT_EQ(actual_size, sizeof(UNITTEST_KEYSLOT) - 1, "wrong key length");
1015 rc = memcmp(UNITTEST_KEYSLOT, key_buf, sizeof(UNITTEST_KEYSLOT) - 1);
1016 EXPECT_EQ(0, rc, "opaque key did not match expected value");
1017
1018 hwkey_close(new_sess);
1019
1020 /* Has the keyslot data been cleared? */
1021 actual_size = sizeof(key_buf);
1022 rc = hwkey_get_keyslot_data(_state->hwkey_session, (const char*)handle1,
1023 key_buf, &actual_size);
1024 EXPECT_EQ(NO_ERROR, rc, "first session handle wasn't valid");
1025
1026 actual_size = sizeof(key_buf);
1027 rc = hwkey_get_keyslot_data(_state->hwkey_session, (const char*)handle2,
1028 key_buf, &actual_size);
1029 EXPECT_EQ(ERR_NOT_FOUND, rc, "second session handle was still valid");
1030
1031 /* Disconnect the original session which retrieved the handle */
1032 hwkey_close(_state->hwkey_session);
1033 new_sess = hwkey_open();
1034 ASSERT_GE(new_sess, 0);
1035 _state->hwkey_session = (hwkey_session_t)new_sess;
1036
1037 actual_size = sizeof(key_buf);
1038 rc = hwkey_get_keyslot_data(_state->hwkey_session, (const char*)handle1,
1039 key_buf, &actual_size);
1040 EXPECT_EQ(ERR_NOT_FOUND, rc, "handle was still valid");
1041
1042 actual_size = sizeof(key_buf);
1043 rc = hwkey_get_keyslot_data(_state->hwkey_session, (const char*)handle2,
1044 key_buf, &actual_size);
1045 EXPECT_EQ(ERR_NOT_FOUND, rc, "handle was still valid");
1046
1047 test_abort:;
1048 }
1049
TEST_F(hwkey,DISABLED_WITHOUT_HWCRYPTO_UNITTEST (try_empty_opaque_handle))1050 TEST_F(hwkey, DISABLED_WITHOUT_HWCRYPTO_UNITTEST(try_empty_opaque_handle)) {
1051 /* Reconnect just to make sure there is no spurious handles remaining. */
1052 hwkey_close(_state->hwkey_session);
1053 int new_sess = hwkey_open();
1054 ASSERT_GE(new_sess, 0);
1055 _state->hwkey_session = (hwkey_session_t)new_sess;
1056
1057 uint8_t key_buf[sizeof(UNITTEST_KEYSLOT) - 1] = {0};
1058 uint32_t actual_size = sizeof(key_buf);
1059 long rc = hwkey_get_keyslot_data(_state->hwkey_session, "", key_buf,
1060 &actual_size);
1061 EXPECT_EQ(ERR_NOT_FOUND, rc,
1062 "retrieving a key with an empty access token succeeded");
1063
1064 test_abort:;
1065 }
1066
TEST_F(hwkey,DISABLED_WITHOUT_HWCRYPTO_UNITTEST (get_opaque_derived_key))1067 TEST_F(hwkey, DISABLED_WITHOUT_HWCRYPTO_UNITTEST(get_opaque_derived_key)) {
1068 uint8_t handle[HWKEY_OPAQUE_HANDLE_MAX_SIZE] = {0};
1069 uint32_t actual_size = sizeof(handle);
1070 long rc = hwkey_get_keyslot_data(_state->hwkey_session,
1071 HWCRYPTO_UNITTEST_OPAQUE_DERIVED_ID,
1072 handle, &actual_size);
1073
1074 EXPECT_EQ(NO_ERROR, rc, "get hwcrypto-unittest opaque derived key");
1075 EXPECT_LE(actual_size, HWKEY_OPAQUE_HANDLE_MAX_SIZE);
1076 rc = strnlen((const char*)handle, HWKEY_OPAQUE_HANDLE_MAX_SIZE);
1077 EXPECT_EQ(rc, actual_size - 1, "Unexpected opaque handle size");
1078
1079 uint8_t key_buf[sizeof(UNITTEST_DERIVED_KEYSLOT) - 1];
1080 actual_size = sizeof(key_buf);
1081 rc = hwkey_get_keyslot_data(_state->hwkey_session, (const char*)handle,
1082 key_buf, &actual_size);
1083 EXPECT_EQ(NO_ERROR, rc, "get hwcrypto-unittest derived key failed");
1084 EXPECT_EQ(actual_size, sizeof(key_buf), "Unexpected opaque handle size");
1085
1086 rc = memcmp(UNITTEST_DERIVED_KEYSLOT, key_buf, sizeof(key_buf));
1087 EXPECT_EQ(0, rc, "get derived invalid");
1088 }
1089
1090 PORT_TEST(hwcrypto, "com.android.trusty.hwcrypto.test")
1091