1 /*
2 * Copyright (C) 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <string>
18 #include <fstream>
19
20 #include <gtest/gtest.h>
21
22 #include <openssl/engine.h>
23
24 #include <keymaster/google_keymaster_utils.h>
25 #include <keymaster/keymaster_tags.h>
26
27 #include "google_keymaster_test_utils.h"
28 #include "google_softkeymaster.h"
29
30 using std::string;
31 using std::ifstream;
32 using std::istreambuf_iterator;
33
main(int argc,char ** argv)34 int main(int argc, char** argv) {
35 ::testing::InitGoogleTest(&argc, argv);
36 int result = RUN_ALL_TESTS();
37 // Clean up stuff OpenSSL leaves around, so Valgrind doesn't complain.
38 CRYPTO_cleanup_all_ex_data();
39 ERR_free_strings();
40 return result;
41 }
42
43 namespace keymaster {
44 namespace test {
45
46 class KeymasterTest : public testing::Test {
47 protected:
KeymasterTest()48 KeymasterTest() : device(5, new StdoutLogger) { RAND_seed("foobar", 6); }
~KeymasterTest()49 ~KeymasterTest() {}
50
51 GoogleSoftKeymaster device;
52 };
53
54 typedef KeymasterTest CheckSupported;
TEST_F(CheckSupported,SupportedAlgorithms)55 TEST_F(CheckSupported, SupportedAlgorithms) {
56 // Shouldn't blow up on NULL.
57 device.SupportedAlgorithms(NULL);
58
59 SupportedResponse<keymaster_algorithm_t> response;
60 device.SupportedAlgorithms(&response);
61 EXPECT_EQ(KM_ERROR_OK, response.error);
62 EXPECT_EQ(3U, response.results_length);
63 EXPECT_EQ(KM_ALGORITHM_RSA, response.results[0]);
64 EXPECT_EQ(KM_ALGORITHM_DSA, response.results[1]);
65 EXPECT_EQ(KM_ALGORITHM_ECDSA, response.results[2]);
66 }
67
TEST_F(CheckSupported,SupportedBlockModes)68 TEST_F(CheckSupported, SupportedBlockModes) {
69 // Shouldn't blow up on NULL.
70 device.SupportedBlockModes(KM_ALGORITHM_RSA, NULL);
71
72 SupportedResponse<keymaster_block_mode_t> response;
73 device.SupportedBlockModes(KM_ALGORITHM_RSA, &response);
74 EXPECT_EQ(KM_ERROR_OK, response.error);
75 EXPECT_EQ(0U, response.results_length);
76
77 device.SupportedBlockModes(KM_ALGORITHM_DSA, &response);
78 EXPECT_EQ(KM_ERROR_OK, response.error);
79 EXPECT_EQ(0U, response.results_length);
80
81 device.SupportedBlockModes(KM_ALGORITHM_ECDSA, &response);
82 EXPECT_EQ(KM_ERROR_OK, response.error);
83 EXPECT_EQ(0U, response.results_length);
84
85 device.SupportedBlockModes(KM_ALGORITHM_AES, &response);
86 EXPECT_EQ(KM_ERROR_UNSUPPORTED_ALGORITHM, response.error);
87 }
88
TEST_F(CheckSupported,SupportedPaddingModes)89 TEST_F(CheckSupported, SupportedPaddingModes) {
90 // Shouldn't blow up on NULL.
91 device.SupportedPaddingModes(KM_ALGORITHM_RSA, NULL);
92
93 SupportedResponse<keymaster_padding_t> response;
94 device.SupportedPaddingModes(KM_ALGORITHM_RSA, &response);
95 EXPECT_EQ(KM_ERROR_OK, response.error);
96 EXPECT_EQ(1U, response.results_length);
97 EXPECT_EQ(KM_PAD_NONE, response.results[0]);
98
99 device.SupportedPaddingModes(KM_ALGORITHM_DSA, &response);
100 EXPECT_EQ(KM_ERROR_OK, response.error);
101 EXPECT_EQ(1U, response.results_length);
102 EXPECT_EQ(KM_PAD_NONE, response.results[0]);
103
104 device.SupportedPaddingModes(KM_ALGORITHM_ECDSA, &response);
105 EXPECT_EQ(KM_ERROR_OK, response.error);
106 EXPECT_EQ(1U, response.results_length);
107 EXPECT_EQ(KM_PAD_NONE, response.results[0]);
108
109 device.SupportedPaddingModes(KM_ALGORITHM_AES, &response);
110 EXPECT_EQ(KM_ERROR_UNSUPPORTED_ALGORITHM, response.error);
111 }
112
TEST_F(CheckSupported,SupportedDigests)113 TEST_F(CheckSupported, SupportedDigests) {
114 // Shouldn't blow up on NULL.
115 device.SupportedDigests(KM_ALGORITHM_RSA, NULL);
116
117 SupportedResponse<keymaster_digest_t> response;
118 device.SupportedDigests(KM_ALGORITHM_RSA, &response);
119 EXPECT_EQ(KM_ERROR_OK, response.error);
120 EXPECT_EQ(1U, response.results_length);
121 EXPECT_EQ(KM_DIGEST_NONE, response.results[0]);
122
123 device.SupportedDigests(KM_ALGORITHM_DSA, &response);
124 EXPECT_EQ(KM_ERROR_OK, response.error);
125 EXPECT_EQ(1U, response.results_length);
126 EXPECT_EQ(KM_DIGEST_NONE, response.results[0]);
127
128 device.SupportedDigests(KM_ALGORITHM_ECDSA, &response);
129 EXPECT_EQ(KM_ERROR_OK, response.error);
130 EXPECT_EQ(1U, response.results_length);
131 EXPECT_EQ(KM_DIGEST_NONE, response.results[0]);
132
133 device.SupportedDigests(KM_ALGORITHM_AES, &response);
134 EXPECT_EQ(KM_ERROR_UNSUPPORTED_ALGORITHM, response.error);
135 }
136
TEST_F(CheckSupported,SupportedImportFormats)137 TEST_F(CheckSupported, SupportedImportFormats) {
138 // Shouldn't blow up on NULL.
139 device.SupportedImportFormats(KM_ALGORITHM_RSA, NULL);
140
141 SupportedResponse<keymaster_key_format_t> response;
142 device.SupportedImportFormats(KM_ALGORITHM_RSA, &response);
143 EXPECT_EQ(KM_ERROR_OK, response.error);
144 EXPECT_EQ(1U, response.results_length);
145 EXPECT_EQ(KM_KEY_FORMAT_PKCS8, response.results[0]);
146
147 device.SupportedImportFormats(KM_ALGORITHM_DSA, &response);
148 EXPECT_EQ(KM_ERROR_OK, response.error);
149 EXPECT_EQ(1U, response.results_length);
150 EXPECT_EQ(KM_KEY_FORMAT_PKCS8, response.results[0]);
151
152 device.SupportedImportFormats(KM_ALGORITHM_ECDSA, &response);
153 EXPECT_EQ(KM_ERROR_OK, response.error);
154 EXPECT_EQ(1U, response.results_length);
155 EXPECT_EQ(KM_KEY_FORMAT_PKCS8, response.results[0]);
156
157 device.SupportedImportFormats(KM_ALGORITHM_AES, &response);
158 EXPECT_EQ(KM_ERROR_UNSUPPORTED_ALGORITHM, response.error);
159 }
160
TEST_F(CheckSupported,SupportedExportFormats)161 TEST_F(CheckSupported, SupportedExportFormats) {
162 // Shouldn't blow up on NULL.
163 device.SupportedExportFormats(KM_ALGORITHM_RSA, NULL);
164
165 SupportedResponse<keymaster_key_format_t> response;
166 device.SupportedExportFormats(KM_ALGORITHM_RSA, &response);
167 EXPECT_EQ(KM_ERROR_OK, response.error);
168 EXPECT_EQ(1U, response.results_length);
169 EXPECT_EQ(KM_KEY_FORMAT_X509, response.results[0]);
170
171 device.SupportedExportFormats(KM_ALGORITHM_DSA, &response);
172 EXPECT_EQ(KM_ERROR_OK, response.error);
173 EXPECT_EQ(1U, response.results_length);
174 EXPECT_EQ(KM_KEY_FORMAT_X509, response.results[0]);
175
176 device.SupportedExportFormats(KM_ALGORITHM_ECDSA, &response);
177 EXPECT_EQ(KM_ERROR_OK, response.error);
178 EXPECT_EQ(1U, response.results_length);
179 EXPECT_EQ(KM_KEY_FORMAT_X509, response.results[0]);
180
181 device.SupportedExportFormats(KM_ALGORITHM_AES, &response);
182 EXPECT_EQ(KM_ERROR_UNSUPPORTED_ALGORITHM, response.error);
183 }
184
185 typedef KeymasterTest NewKeyGeneration;
TEST_F(NewKeyGeneration,Rsa)186 TEST_F(NewKeyGeneration, Rsa) {
187 keymaster_key_param_t params[] = {
188 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
189 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
190 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
191 Authorization(TAG_KEY_SIZE, 256),
192 Authorization(TAG_USER_ID, 7),
193 Authorization(TAG_USER_AUTH_ID, 8),
194 Authorization(TAG_APPLICATION_ID, "app_id", 6),
195 Authorization(TAG_APPLICATION_DATA, "app_data", 8),
196 Authorization(TAG_AUTH_TIMEOUT, 300),
197 };
198 GenerateKeyRequest req;
199 req.key_description.Reinitialize(params, array_length(params));
200 GenerateKeyResponse rsp;
201
202 device.GenerateKey(req, &rsp);
203
204 ASSERT_EQ(KM_ERROR_OK, rsp.error);
205 EXPECT_EQ(0U, rsp.enforced.size());
206 EXPECT_EQ(12U, rsp.enforced.SerializedSize());
207 EXPECT_GT(rsp.unenforced.SerializedSize(), 12U);
208
209 // Check specified tags are all present in unenforced characteristics
210 EXPECT_TRUE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_SIGN));
211 EXPECT_TRUE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_VERIFY));
212
213 EXPECT_TRUE(contains(rsp.unenforced, TAG_ALGORITHM, KM_ALGORITHM_RSA));
214
215 EXPECT_TRUE(contains(rsp.unenforced, TAG_USER_ID, 7));
216 EXPECT_TRUE(contains(rsp.unenforced, TAG_USER_AUTH_ID, 8));
217 EXPECT_TRUE(contains(rsp.unenforced, TAG_KEY_SIZE, 256));
218 EXPECT_TRUE(contains(rsp.unenforced, TAG_AUTH_TIMEOUT, 300));
219
220 // Verify that App ID, App data and ROT are NOT included.
221 EXPECT_FALSE(contains(rsp.unenforced, TAG_ROOT_OF_TRUST));
222 EXPECT_FALSE(contains(rsp.unenforced, TAG_APPLICATION_ID));
223 EXPECT_FALSE(contains(rsp.unenforced, TAG_APPLICATION_DATA));
224
225 // Just for giggles, check that some unexpected tags/values are NOT present.
226 EXPECT_FALSE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_ENCRYPT));
227 EXPECT_FALSE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_DECRYPT));
228 EXPECT_FALSE(contains(rsp.unenforced, TAG_AUTH_TIMEOUT, 301));
229 EXPECT_FALSE(contains(rsp.unenforced, TAG_RESCOPE_AUTH_TIMEOUT));
230
231 // Now check that unspecified, defaulted tags are correct.
232 EXPECT_TRUE(contains(rsp.unenforced, TAG_RSA_PUBLIC_EXPONENT, 65537));
233 EXPECT_TRUE(contains(rsp.unenforced, TAG_ORIGIN, KM_ORIGIN_SOFTWARE));
234 EXPECT_TRUE(contains(rsp.unenforced, KM_TAG_CREATION_DATETIME));
235 }
236
TEST_F(NewKeyGeneration,Dsa)237 TEST_F(NewKeyGeneration, Dsa) {
238 keymaster_key_param_t params[] = {
239 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
240 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
241 Authorization(TAG_ALGORITHM, KM_ALGORITHM_DSA),
242 Authorization(TAG_KEY_SIZE, 256),
243 Authorization(TAG_USER_ID, 7),
244 Authorization(TAG_USER_AUTH_ID, 8),
245 Authorization(TAG_APPLICATION_ID, "app_id", 6),
246 Authorization(TAG_APPLICATION_DATA, "app_data", 8),
247 Authorization(TAG_AUTH_TIMEOUT, 300),
248 };
249 GenerateKeyRequest req;
250 req.key_description.Reinitialize(params, array_length(params));
251 GenerateKeyResponse rsp;
252
253 device.GenerateKey(req, &rsp);
254
255 ASSERT_EQ(KM_ERROR_OK, rsp.error);
256 EXPECT_EQ(0U, rsp.enforced.size());
257 EXPECT_EQ(12U, rsp.enforced.SerializedSize());
258 EXPECT_GT(rsp.unenforced.SerializedSize(), 12U);
259
260 // Check specified tags are all present in unenforced characteristics
261 EXPECT_TRUE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_SIGN));
262 EXPECT_TRUE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_VERIFY));
263
264 EXPECT_TRUE(contains(rsp.unenforced, TAG_ALGORITHM, KM_ALGORITHM_DSA));
265
266 EXPECT_TRUE(contains(rsp.unenforced, TAG_USER_ID, 7));
267 EXPECT_TRUE(contains(rsp.unenforced, TAG_USER_AUTH_ID, 8));
268 EXPECT_TRUE(contains(rsp.unenforced, TAG_KEY_SIZE, 256));
269 EXPECT_TRUE(contains(rsp.unenforced, TAG_AUTH_TIMEOUT, 300));
270
271 // Verify that App ID, App data and ROT are NOT included.
272 EXPECT_FALSE(contains(rsp.unenforced, TAG_ROOT_OF_TRUST));
273 EXPECT_FALSE(contains(rsp.unenforced, TAG_APPLICATION_ID));
274 EXPECT_FALSE(contains(rsp.unenforced, TAG_APPLICATION_DATA));
275
276 // Just for giggles, check that some unexpected tags/values are NOT present.
277 EXPECT_FALSE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_ENCRYPT));
278 EXPECT_FALSE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_DECRYPT));
279 EXPECT_FALSE(contains(rsp.unenforced, TAG_AUTH_TIMEOUT, 301));
280 EXPECT_FALSE(contains(rsp.unenforced, TAG_RESCOPE_AUTH_TIMEOUT));
281
282 // Now check that unspecified, defaulted tags are correct.
283 EXPECT_TRUE(contains(rsp.unenforced, TAG_ORIGIN, KM_ORIGIN_SOFTWARE));
284 EXPECT_TRUE(contains(rsp.unenforced, KM_TAG_CREATION_DATETIME));
285
286 // Generator should have created DSA params.
287 keymaster_blob_t g, p, q;
288 EXPECT_TRUE(rsp.unenforced.GetTagValue(TAG_DSA_GENERATOR, &g));
289 EXPECT_TRUE(rsp.unenforced.GetTagValue(TAG_DSA_P, &p));
290 EXPECT_TRUE(rsp.unenforced.GetTagValue(TAG_DSA_Q, &q));
291 EXPECT_TRUE(g.data_length >= 63 && g.data_length <= 64);
292 EXPECT_EQ(64U, p.data_length);
293 EXPECT_EQ(20U, q.data_length);
294 }
295
TEST_F(NewKeyGeneration,Ecdsa)296 TEST_F(NewKeyGeneration, Ecdsa) {
297 keymaster_key_param_t params[] = {
298 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
299 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
300 Authorization(TAG_ALGORITHM, KM_ALGORITHM_ECDSA),
301 Authorization(TAG_KEY_SIZE, 256),
302 Authorization(TAG_USER_ID, 7),
303 Authorization(TAG_USER_AUTH_ID, 8),
304 Authorization(TAG_APPLICATION_ID, "app_id", 6),
305 Authorization(TAG_APPLICATION_DATA, "app_data", 8),
306 Authorization(TAG_AUTH_TIMEOUT, 300),
307 };
308 GenerateKeyRequest req;
309 req.key_description.Reinitialize(params, array_length(params));
310 GenerateKeyResponse rsp;
311
312 device.GenerateKey(req, &rsp);
313
314 ASSERT_EQ(KM_ERROR_OK, rsp.error);
315 EXPECT_EQ(0U, rsp.enforced.size());
316 EXPECT_EQ(12U, rsp.enforced.SerializedSize());
317 EXPECT_GT(rsp.unenforced.SerializedSize(), 12U);
318
319 // Check specified tags are all present in unenforced characteristics
320 EXPECT_TRUE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_SIGN));
321 EXPECT_TRUE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_VERIFY));
322
323 EXPECT_TRUE(contains(rsp.unenforced, TAG_ALGORITHM, KM_ALGORITHM_ECDSA));
324
325 EXPECT_TRUE(contains(rsp.unenforced, TAG_USER_ID, 7));
326 EXPECT_TRUE(contains(rsp.unenforced, TAG_USER_AUTH_ID, 8));
327 EXPECT_TRUE(contains(rsp.unenforced, TAG_KEY_SIZE, 256));
328 EXPECT_TRUE(contains(rsp.unenforced, TAG_AUTH_TIMEOUT, 300));
329
330 // Verify that App ID, App data and ROT are NOT included.
331 EXPECT_FALSE(contains(rsp.unenforced, TAG_ROOT_OF_TRUST));
332 EXPECT_FALSE(contains(rsp.unenforced, TAG_APPLICATION_ID));
333 EXPECT_FALSE(contains(rsp.unenforced, TAG_APPLICATION_DATA));
334
335 // Just for giggles, check that some unexpected tags/values are NOT present.
336 EXPECT_FALSE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_ENCRYPT));
337 EXPECT_FALSE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_DECRYPT));
338 EXPECT_FALSE(contains(rsp.unenforced, TAG_AUTH_TIMEOUT, 301));
339 EXPECT_FALSE(contains(rsp.unenforced, TAG_RESCOPE_AUTH_TIMEOUT));
340
341 // Now check that unspecified, defaulted tags are correct.
342 EXPECT_TRUE(contains(rsp.unenforced, TAG_ORIGIN, KM_ORIGIN_SOFTWARE));
343 EXPECT_TRUE(contains(rsp.unenforced, KM_TAG_CREATION_DATETIME));
344 }
345
346 typedef KeymasterTest GetKeyCharacteristics;
TEST_F(GetKeyCharacteristics,SimpleRsa)347 TEST_F(GetKeyCharacteristics, SimpleRsa) {
348 keymaster_key_param_t params[] = {
349 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
350 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
351 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
352 Authorization(TAG_KEY_SIZE, 256),
353 Authorization(TAG_USER_ID, 7),
354 Authorization(TAG_USER_AUTH_ID, 8),
355 Authorization(TAG_APPLICATION_ID, "app_id", 6),
356 Authorization(TAG_AUTH_TIMEOUT, 300),
357 };
358
359 GenerateKeyRequest gen_req;
360 gen_req.key_description.Reinitialize(params, array_length(params));
361 GenerateKeyResponse gen_rsp;
362
363 device.GenerateKey(gen_req, &gen_rsp);
364 ASSERT_EQ(KM_ERROR_OK, gen_rsp.error);
365
366 GetKeyCharacteristicsRequest req;
367 req.SetKeyMaterial(gen_rsp.key_blob);
368 req.additional_params.push_back(TAG_APPLICATION_ID, "app_id", 6);
369
370 GetKeyCharacteristicsResponse rsp;
371 device.GetKeyCharacteristics(req, &rsp);
372 ASSERT_EQ(KM_ERROR_OK, rsp.error);
373
374 EXPECT_EQ(gen_rsp.enforced, rsp.enforced);
375 EXPECT_EQ(gen_rsp.unenforced, rsp.unenforced);
376 }
377
378 /**
379 * Test class that provides some infrastructure for generating keys and signing messages.
380 */
381 class SigningOperationsTest : public KeymasterTest {
382 protected:
GenerateKey(keymaster_algorithm_t algorithm,keymaster_digest_t digest,keymaster_padding_t padding,uint32_t key_size)383 void GenerateKey(keymaster_algorithm_t algorithm, keymaster_digest_t digest,
384 keymaster_padding_t padding, uint32_t key_size) {
385 keymaster_key_param_t params[] = {
386 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
387 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
388 Authorization(TAG_ALGORITHM, algorithm),
389 Authorization(TAG_KEY_SIZE, key_size),
390 Authorization(TAG_USER_ID, 7),
391 Authorization(TAG_USER_AUTH_ID, 8),
392 Authorization(TAG_APPLICATION_ID, "app_id", 6),
393 Authorization(TAG_AUTH_TIMEOUT, 300),
394 };
395 GenerateKeyRequest generate_request;
396 generate_request.key_description.Reinitialize(params, array_length(params));
397 if (static_cast<int>(digest) != -1)
398 generate_request.key_description.push_back(TAG_DIGEST, digest);
399 if (static_cast<int>(padding) != -1)
400 generate_request.key_description.push_back(TAG_PADDING, padding);
401 device.GenerateKey(generate_request, &generate_response_);
402 EXPECT_EQ(KM_ERROR_OK, generate_response_.error);
403 }
404
SignMessage(const void * message,size_t size)405 void SignMessage(const void* message, size_t size) {
406 SignMessage(generate_response_.key_blob, message, size);
407 }
408
SignMessage(const keymaster_key_blob_t & key_blob,const void * message,size_t size)409 void SignMessage(const keymaster_key_blob_t& key_blob, const void* message, size_t size) {
410 BeginOperationRequest begin_request;
411 BeginOperationResponse begin_response;
412 begin_request.SetKeyMaterial(key_blob);
413 begin_request.purpose = KM_PURPOSE_SIGN;
414 AddClientParams(&begin_request.additional_params);
415
416 device.BeginOperation(begin_request, &begin_response);
417 ASSERT_EQ(KM_ERROR_OK, begin_response.error);
418
419 UpdateOperationRequest update_request;
420 UpdateOperationResponse update_response;
421 update_request.op_handle = begin_response.op_handle;
422 update_request.input.Reinitialize(message, size);
423 EXPECT_EQ(size, update_request.input.available_read());
424
425 device.UpdateOperation(update_request, &update_response);
426 ASSERT_EQ(KM_ERROR_OK, update_response.error);
427 EXPECT_EQ(0U, update_response.output.available_read());
428
429 FinishOperationRequest finish_request;
430 finish_request.op_handle = begin_response.op_handle;
431 device.FinishOperation(finish_request, &finish_response_);
432 ASSERT_EQ(KM_ERROR_OK, finish_response_.error);
433 EXPECT_GT(finish_response_.output.available_read(), 0U);
434 }
435
AddClientParams(AuthorizationSet * set)436 void AddClientParams(AuthorizationSet* set) { set->push_back(TAG_APPLICATION_ID, "app_id", 6); }
437
key_blob()438 const keymaster_key_blob_t& key_blob() { return generate_response_.key_blob; }
439
corrupt_key_blob()440 const keymaster_key_blob_t& corrupt_key_blob() {
441 uint8_t* tmp = const_cast<uint8_t*>(generate_response_.key_blob.key_material);
442 ++tmp[generate_response_.key_blob.key_material_size / 2];
443 return generate_response_.key_blob;
444 }
445
signature()446 Buffer* signature() {
447 if (finish_response_.error == KM_ERROR_OK)
448 return &finish_response_.output;
449 return NULL;
450 }
451
452 private:
453 GenerateKeyResponse generate_response_;
454 FinishOperationResponse finish_response_;
455 };
456
TEST_F(SigningOperationsTest,RsaSuccess)457 TEST_F(SigningOperationsTest, RsaSuccess) {
458 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
459 const char message[] = "12345678901234567890123456789012";
460
461 BeginOperationRequest begin_request;
462 BeginOperationResponse begin_response;
463 begin_request.SetKeyMaterial(key_blob());
464 begin_request.purpose = KM_PURPOSE_SIGN;
465 AddClientParams(&begin_request.additional_params);
466
467 device.BeginOperation(begin_request, &begin_response);
468 ASSERT_EQ(KM_ERROR_OK, begin_response.error);
469
470 UpdateOperationRequest update_request;
471 UpdateOperationResponse update_response;
472 update_request.op_handle = begin_response.op_handle;
473 update_request.input.Reinitialize(message, array_size(message) - 1);
474 EXPECT_EQ(array_size(message) - 1, update_request.input.available_read());
475
476 device.UpdateOperation(update_request, &update_response);
477 ASSERT_EQ(KM_ERROR_OK, update_response.error);
478 EXPECT_EQ(0U, update_response.output.available_read());
479
480 FinishOperationRequest finish_request;
481 finish_request.op_handle = begin_response.op_handle;
482 FinishOperationResponse finish_response;
483 device.FinishOperation(finish_request, &finish_response);
484 ASSERT_EQ(KM_ERROR_OK, finish_response.error);
485 EXPECT_GT(finish_response.output.available_read(), 0U);
486
487 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
488 }
489
TEST_F(SigningOperationsTest,DsaSuccess)490 TEST_F(SigningOperationsTest, DsaSuccess) {
491 GenerateKey(KM_ALGORITHM_DSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
492
493 BeginOperationRequest begin_request;
494 BeginOperationResponse begin_response;
495 begin_request.SetKeyMaterial(key_blob());
496 begin_request.purpose = KM_PURPOSE_SIGN;
497 AddClientParams(&begin_request.additional_params);
498
499 device.BeginOperation(begin_request, &begin_response);
500 ASSERT_EQ(KM_ERROR_OK, begin_response.error);
501
502 UpdateOperationRequest update_request;
503 UpdateOperationResponse update_response;
504 update_request.op_handle = begin_response.op_handle;
505 update_request.input.Reinitialize("123456789012345678901234567890123456789012345678", 48);
506 EXPECT_EQ(48U, update_request.input.available_read());
507
508 device.UpdateOperation(update_request, &update_response);
509 ASSERT_EQ(KM_ERROR_OK, update_response.error);
510 EXPECT_EQ(0U, update_response.output.available_read());
511
512 FinishOperationRequest finish_request;
513 finish_request.op_handle = begin_response.op_handle;
514 FinishOperationResponse finish_response;
515 device.FinishOperation(finish_request, &finish_response);
516 ASSERT_EQ(KM_ERROR_OK, finish_response.error);
517 EXPECT_GT(finish_response.output.available_read(), 0U);
518
519 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
520 }
521
TEST_F(SigningOperationsTest,EcdsaSuccess)522 TEST_F(SigningOperationsTest, EcdsaSuccess) {
523 GenerateKey(KM_ALGORITHM_ECDSA, KM_DIGEST_NONE, KM_PAD_NONE, 192 /* key size */);
524
525 BeginOperationRequest begin_request;
526 BeginOperationResponse begin_response;
527 begin_request.SetKeyMaterial(key_blob());
528 begin_request.purpose = KM_PURPOSE_SIGN;
529 AddClientParams(&begin_request.additional_params);
530
531 device.BeginOperation(begin_request, &begin_response);
532 ASSERT_EQ(KM_ERROR_OK, begin_response.error);
533
534 UpdateOperationRequest update_request;
535 UpdateOperationResponse update_response;
536 update_request.op_handle = begin_response.op_handle;
537 update_request.input.Reinitialize("123456789012345678901234567890123456789012345678", 48);
538 EXPECT_EQ(48U, update_request.input.available_read());
539
540 device.UpdateOperation(update_request, &update_response);
541 ASSERT_EQ(KM_ERROR_OK, update_response.error);
542 EXPECT_EQ(0U, update_response.output.available_read());
543
544 FinishOperationRequest finish_request;
545 finish_request.op_handle = begin_response.op_handle;
546 FinishOperationResponse finish_response;
547 device.FinishOperation(finish_request, &finish_response);
548 ASSERT_EQ(KM_ERROR_OK, finish_response.error);
549 EXPECT_GT(finish_response.output.available_read(), 0U);
550
551 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
552 }
553
TEST_F(SigningOperationsTest,RsaAbort)554 TEST_F(SigningOperationsTest, RsaAbort) {
555 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
556
557 BeginOperationRequest begin_request;
558 BeginOperationResponse begin_response;
559 begin_request.SetKeyMaterial(key_blob());
560 begin_request.purpose = KM_PURPOSE_SIGN;
561 AddClientParams(&begin_request.additional_params);
562
563 device.BeginOperation(begin_request, &begin_response);
564 ASSERT_EQ(KM_ERROR_OK, begin_response.error);
565
566 EXPECT_EQ(KM_ERROR_OK, device.AbortOperation(begin_response.op_handle));
567
568 // Another abort should fail
569 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
570 }
571
TEST_F(SigningOperationsTest,RsaUnsupportedDigest)572 TEST_F(SigningOperationsTest, RsaUnsupportedDigest) {
573 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_SHA_2_256, KM_PAD_NONE, 256 /* key size */);
574
575 BeginOperationRequest begin_request;
576 BeginOperationResponse begin_response;
577 begin_request.purpose = KM_PURPOSE_SIGN;
578 begin_request.SetKeyMaterial(key_blob());
579 AddClientParams(&begin_request.additional_params);
580
581 device.BeginOperation(begin_request, &begin_response);
582 ASSERT_EQ(KM_ERROR_UNSUPPORTED_DIGEST, begin_response.error);
583
584 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
585 }
586
TEST_F(SigningOperationsTest,RsaUnsupportedPadding)587 TEST_F(SigningOperationsTest, RsaUnsupportedPadding) {
588 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_RSA_OAEP, 256 /* key size */);
589
590 BeginOperationRequest begin_request;
591 BeginOperationResponse begin_response;
592 begin_request.purpose = KM_PURPOSE_SIGN;
593 begin_request.SetKeyMaterial(key_blob());
594 AddClientParams(&begin_request.additional_params);
595
596 device.BeginOperation(begin_request, &begin_response);
597 ASSERT_EQ(KM_ERROR_UNSUPPORTED_PADDING_MODE, begin_response.error);
598
599 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
600 }
601
TEST_F(SigningOperationsTest,RsaNoDigest)602 TEST_F(SigningOperationsTest, RsaNoDigest) {
603 GenerateKey(KM_ALGORITHM_RSA, static_cast<keymaster_digest_t>(-1), KM_PAD_NONE,
604 256 /* key size */);
605
606 BeginOperationRequest begin_request;
607 BeginOperationResponse begin_response;
608 begin_request.purpose = KM_PURPOSE_SIGN;
609 begin_request.SetKeyMaterial(key_blob());
610 AddClientParams(&begin_request.additional_params);
611
612 device.BeginOperation(begin_request, &begin_response);
613 ASSERT_EQ(KM_ERROR_UNSUPPORTED_DIGEST, begin_response.error);
614
615 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
616 }
617
TEST_F(SigningOperationsTest,RsaNoPadding)618 TEST_F(SigningOperationsTest, RsaNoPadding) {
619 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, static_cast<keymaster_padding_t>(-1),
620 256 /* key size */);
621
622 BeginOperationRequest begin_request;
623 BeginOperationResponse begin_response;
624 begin_request.purpose = KM_PURPOSE_SIGN;
625 begin_request.SetKeyMaterial(key_blob());
626 AddClientParams(&begin_request.additional_params);
627
628 device.BeginOperation(begin_request, &begin_response);
629 ASSERT_EQ(KM_ERROR_UNSUPPORTED_PADDING_MODE, begin_response.error);
630
631 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
632 }
633
TEST_F(SigningOperationsTest,RsaTooShortMessage)634 TEST_F(SigningOperationsTest, RsaTooShortMessage) {
635 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
636
637 BeginOperationRequest begin_request;
638 BeginOperationResponse begin_response;
639 begin_request.SetKeyMaterial(key_blob());
640 begin_request.purpose = KM_PURPOSE_SIGN;
641 AddClientParams(&begin_request.additional_params);
642
643 device.BeginOperation(begin_request, &begin_response);
644 ASSERT_EQ(KM_ERROR_OK, begin_response.error);
645
646 UpdateOperationRequest update_request;
647 UpdateOperationResponse update_response;
648 update_request.op_handle = begin_response.op_handle;
649 update_request.input.Reinitialize("01234567890123456789012345678901", 31);
650 EXPECT_EQ(31U, update_request.input.available_read());
651
652 device.UpdateOperation(update_request, &update_response);
653 ASSERT_EQ(KM_ERROR_OK, update_response.error);
654 EXPECT_EQ(0U, update_response.output.available_read());
655
656 FinishOperationRequest finish_request;
657 finish_request.op_handle = begin_response.op_handle;
658 FinishOperationResponse finish_response;
659 device.FinishOperation(finish_request, &finish_response);
660 ASSERT_EQ(KM_ERROR_UNKNOWN_ERROR, finish_response.error);
661 EXPECT_EQ(0U, finish_response.output.available_read());
662
663 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
664 }
665
666 typedef SigningOperationsTest VerificationOperationsTest;
TEST_F(VerificationOperationsTest,RsaSuccess)667 TEST_F(VerificationOperationsTest, RsaSuccess) {
668 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
669 const char message[] = "12345678901234567890123456789012";
670 SignMessage(message, array_size(message) - 1);
671 ASSERT_TRUE(signature() != NULL);
672
673 BeginOperationRequest begin_request;
674 BeginOperationResponse begin_response;
675 begin_request.SetKeyMaterial(key_blob());
676 begin_request.purpose = KM_PURPOSE_VERIFY;
677 AddClientParams(&begin_request.additional_params);
678
679 device.BeginOperation(begin_request, &begin_response);
680 ASSERT_EQ(KM_ERROR_OK, begin_response.error);
681
682 UpdateOperationRequest update_request;
683 UpdateOperationResponse update_response;
684 update_request.op_handle = begin_response.op_handle;
685 update_request.input.Reinitialize(message, array_size(message) - 1);
686 EXPECT_EQ(array_size(message) - 1, update_request.input.available_read());
687
688 device.UpdateOperation(update_request, &update_response);
689 ASSERT_EQ(KM_ERROR_OK, update_response.error);
690 EXPECT_EQ(0U, update_response.output.available_read());
691
692 FinishOperationRequest finish_request;
693 finish_request.op_handle = begin_response.op_handle;
694 finish_request.signature.Reinitialize(*signature());
695 FinishOperationResponse finish_response;
696 device.FinishOperation(finish_request, &finish_response);
697 ASSERT_EQ(KM_ERROR_OK, finish_response.error);
698 EXPECT_EQ(0U, finish_response.output.available_read());
699
700 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
701 }
702
TEST_F(VerificationOperationsTest,DsaSuccess)703 TEST_F(VerificationOperationsTest, DsaSuccess) {
704 GenerateKey(KM_ALGORITHM_DSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
705 const char message[] = "123456789012345678901234567890123456789012345678";
706 SignMessage(message, array_size(message) - 1);
707 ASSERT_TRUE(signature() != NULL);
708
709 BeginOperationRequest begin_request;
710 BeginOperationResponse begin_response;
711 begin_request.SetKeyMaterial(key_blob());
712 begin_request.purpose = KM_PURPOSE_VERIFY;
713 AddClientParams(&begin_request.additional_params);
714
715 device.BeginOperation(begin_request, &begin_response);
716 ASSERT_EQ(KM_ERROR_OK, begin_response.error);
717
718 UpdateOperationRequest update_request;
719 UpdateOperationResponse update_response;
720 update_request.op_handle = begin_response.op_handle;
721 update_request.input.Reinitialize(message, array_size(message) - 1);
722 EXPECT_EQ(array_size(message) - 1, update_request.input.available_read());
723
724 device.UpdateOperation(update_request, &update_response);
725 ASSERT_EQ(KM_ERROR_OK, update_response.error);
726 EXPECT_EQ(0U, update_response.output.available_read());
727
728 FinishOperationRequest finish_request;
729 finish_request.op_handle = begin_response.op_handle;
730 finish_request.signature.Reinitialize(*signature());
731 FinishOperationResponse finish_response;
732 device.FinishOperation(finish_request, &finish_response);
733 ASSERT_EQ(KM_ERROR_OK, finish_response.error);
734 EXPECT_EQ(0U, finish_response.output.available_read());
735
736 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
737 }
738
TEST_F(VerificationOperationsTest,EcdsaSuccess)739 TEST_F(VerificationOperationsTest, EcdsaSuccess) {
740 GenerateKey(KM_ALGORITHM_ECDSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
741 const char message[] = "123456789012345678901234567890123456789012345678";
742 SignMessage(message, array_size(message) - 1);
743 ASSERT_TRUE(signature() != NULL);
744
745 BeginOperationRequest begin_request;
746 BeginOperationResponse begin_response;
747 begin_request.SetKeyMaterial(key_blob());
748 begin_request.purpose = KM_PURPOSE_VERIFY;
749 AddClientParams(&begin_request.additional_params);
750
751 device.BeginOperation(begin_request, &begin_response);
752 ASSERT_EQ(KM_ERROR_OK, begin_response.error);
753
754 UpdateOperationRequest update_request;
755 UpdateOperationResponse update_response;
756 update_request.op_handle = begin_response.op_handle;
757 update_request.input.Reinitialize(message, array_size(message) - 1);
758 EXPECT_EQ(array_size(message) - 1, update_request.input.available_read());
759
760 device.UpdateOperation(update_request, &update_response);
761 ASSERT_EQ(KM_ERROR_OK, update_response.error);
762 EXPECT_EQ(0U, update_response.output.available_read());
763
764 FinishOperationRequest finish_request;
765 finish_request.op_handle = begin_response.op_handle;
766 finish_request.signature.Reinitialize(*signature());
767 FinishOperationResponse finish_response;
768 device.FinishOperation(finish_request, &finish_response);
769 ASSERT_EQ(KM_ERROR_OK, finish_response.error);
770 EXPECT_EQ(0U, finish_response.output.available_read());
771
772 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
773 }
774
775 typedef SigningOperationsTest ExportKeyTest;
TEST_F(ExportKeyTest,RsaSuccess)776 TEST_F(ExportKeyTest, RsaSuccess) {
777 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
778
779 ExportKeyRequest request;
780 ExportKeyResponse response;
781 AddClientParams(&request.additional_params);
782 request.key_format = KM_KEY_FORMAT_X509;
783 request.SetKeyMaterial(key_blob());
784
785 device.ExportKey(request, &response);
786 ASSERT_EQ(KM_ERROR_OK, response.error);
787 EXPECT_TRUE(response.key_data != NULL);
788
789 // TODO(swillden): Verify that the exported key is actually usable to verify signatures.
790 }
791
TEST_F(ExportKeyTest,DsaSuccess)792 TEST_F(ExportKeyTest, DsaSuccess) {
793 GenerateKey(KM_ALGORITHM_DSA, KM_DIGEST_NONE, KM_PAD_NONE, 1024 /* key size */);
794
795 ExportKeyRequest request;
796 ExportKeyResponse response;
797 AddClientParams(&request.additional_params);
798 request.key_format = KM_KEY_FORMAT_X509;
799 request.SetKeyMaterial(key_blob());
800
801 device.ExportKey(request, &response);
802 ASSERT_EQ(KM_ERROR_OK, response.error);
803 EXPECT_TRUE(response.key_data != NULL);
804
805 // TODO(swillden): Verify that the exported key is actually usable to verify signatures.
806 }
807
TEST_F(ExportKeyTest,EcdsaSuccess)808 TEST_F(ExportKeyTest, EcdsaSuccess) {
809 GenerateKey(KM_ALGORITHM_ECDSA, KM_DIGEST_NONE, KM_PAD_NONE, 192 /* key size */);
810
811 ExportKeyRequest request;
812 ExportKeyResponse response;
813 AddClientParams(&request.additional_params);
814 request.key_format = KM_KEY_FORMAT_X509;
815 request.SetKeyMaterial(key_blob());
816
817 device.ExportKey(request, &response);
818 ASSERT_EQ(KM_ERROR_OK, response.error);
819 EXPECT_TRUE(response.key_data != NULL);
820
821 // TODO(swillden): Verify that the exported key is actually usable to verify signatures.
822 }
823
TEST_F(ExportKeyTest,RsaUnsupportedKeyFormat)824 TEST_F(ExportKeyTest, RsaUnsupportedKeyFormat) {
825 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256);
826
827 ExportKeyRequest request;
828 ExportKeyResponse response;
829 AddClientParams(&request.additional_params);
830
831 /* We have no other defined export formats defined. */
832 request.key_format = KM_KEY_FORMAT_PKCS8;
833 request.SetKeyMaterial(key_blob());
834
835 device.ExportKey(request, &response);
836 ASSERT_EQ(KM_ERROR_UNSUPPORTED_KEY_FORMAT, response.error);
837 EXPECT_TRUE(response.key_data == NULL);
838 }
839
TEST_F(ExportKeyTest,RsaCorruptedKeyBlob)840 TEST_F(ExportKeyTest, RsaCorruptedKeyBlob) {
841 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256);
842
843 ExportKeyRequest request;
844 ExportKeyResponse response;
845 AddClientParams(&request.additional_params);
846 request.key_format = KM_KEY_FORMAT_X509;
847 request.SetKeyMaterial(corrupt_key_blob());
848
849 device.ExportKey(request, &response);
850 ASSERT_EQ(KM_ERROR_INVALID_KEY_BLOB, response.error);
851 ASSERT_TRUE(response.key_data == NULL);
852 }
853
read_file(const string & file_name)854 static string read_file(const string& file_name) {
855 ifstream file_stream(file_name, std::ios::binary);
856 istreambuf_iterator<char> file_begin(file_stream);
857 istreambuf_iterator<char> file_end;
858 return string(file_begin, file_end);
859 }
860
861 typedef SigningOperationsTest ImportKeyTest;
TEST_F(ImportKeyTest,RsaSuccess)862 TEST_F(ImportKeyTest, RsaSuccess) {
863 keymaster_key_param_t params[] = {
864 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
865 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
866 Authorization(TAG_DIGEST, KM_DIGEST_NONE),
867 Authorization(TAG_PADDING, KM_PAD_NONE),
868 Authorization(TAG_USER_ID, 7),
869 Authorization(TAG_USER_AUTH_ID, 8),
870 Authorization(TAG_APPLICATION_ID, "app_id", 6),
871 Authorization(TAG_AUTH_TIMEOUT, 300),
872 };
873
874 string pk8_key = read_file("rsa_privkey_pk8.der");
875 ASSERT_EQ(633U, pk8_key.size());
876
877 ImportKeyRequest import_request;
878 import_request.key_description.Reinitialize(params, array_length(params));
879 import_request.key_format = KM_KEY_FORMAT_PKCS8;
880 import_request.SetKeyMaterial(pk8_key.data(), pk8_key.size());
881
882 ImportKeyResponse import_response;
883 device.ImportKey(import_request, &import_response);
884 ASSERT_EQ(KM_ERROR_OK, import_response.error);
885 EXPECT_EQ(0U, import_response.enforced.size());
886 EXPECT_GT(import_response.unenforced.size(), 0U);
887
888 // Check values derived from the key.
889 EXPECT_TRUE(contains(import_response.unenforced, TAG_ALGORITHM, KM_ALGORITHM_RSA));
890 EXPECT_TRUE(contains(import_response.unenforced, TAG_KEY_SIZE, 1024));
891 EXPECT_TRUE(contains(import_response.unenforced, TAG_RSA_PUBLIC_EXPONENT, 65537U));
892
893 // And values provided by GoogleKeymaster
894 EXPECT_TRUE(contains(import_response.unenforced, TAG_ORIGIN, KM_ORIGIN_IMPORTED));
895 EXPECT_TRUE(contains(import_response.unenforced, KM_TAG_CREATION_DATETIME));
896
897 size_t message_len = 1024 / 8;
898 UniquePtr<uint8_t[]> message(new uint8_t[message_len]);
899 std::fill(message.get(), message.get() + message_len, 'a');
900 SignMessage(import_response.key_blob, message.get(), message_len);
901 ASSERT_TRUE(signature() != NULL);
902
903 BeginOperationRequest begin_request;
904 BeginOperationResponse begin_response;
905 begin_request.SetKeyMaterial(import_response.key_blob);
906 begin_request.purpose = KM_PURPOSE_VERIFY;
907 AddClientParams(&begin_request.additional_params);
908
909 device.BeginOperation(begin_request, &begin_response);
910 ASSERT_EQ(KM_ERROR_OK, begin_response.error);
911
912 UpdateOperationRequest update_request;
913 UpdateOperationResponse update_response;
914 update_request.op_handle = begin_response.op_handle;
915 update_request.input.Reinitialize(message.get(), message_len);
916 EXPECT_EQ(message_len, update_request.input.available_read());
917
918 device.UpdateOperation(update_request, &update_response);
919 ASSERT_EQ(KM_ERROR_OK, update_response.error);
920 EXPECT_EQ(0U, update_response.output.available_read());
921
922 FinishOperationRequest finish_request;
923 finish_request.op_handle = begin_response.op_handle;
924 finish_request.signature.Reinitialize(*signature());
925 FinishOperationResponse finish_response;
926 device.FinishOperation(finish_request, &finish_response);
927 ASSERT_EQ(KM_ERROR_OK, finish_response.error);
928 EXPECT_EQ(0U, finish_response.output.available_read());
929
930 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
931 }
932
TEST_F(ImportKeyTest,DsaSuccess)933 TEST_F(ImportKeyTest, DsaSuccess) {
934 keymaster_key_param_t params[] = {
935 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
936 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
937 Authorization(TAG_DIGEST, KM_DIGEST_NONE),
938 Authorization(TAG_PADDING, KM_PAD_NONE),
939 Authorization(TAG_USER_ID, 7),
940 Authorization(TAG_USER_AUTH_ID, 8),
941 Authorization(TAG_APPLICATION_ID, "app_id", 6),
942 Authorization(TAG_AUTH_TIMEOUT, 300),
943 };
944
945 string pk8_key = read_file("dsa_privkey_pk8.der");
946 ASSERT_EQ(335U, pk8_key.size());
947
948 ImportKeyRequest import_request;
949 import_request.key_description.Reinitialize(params, array_length(params));
950 import_request.key_format = KM_KEY_FORMAT_PKCS8;
951 import_request.SetKeyMaterial(pk8_key.data(), pk8_key.size());
952
953 ImportKeyResponse import_response;
954 device.ImportKey(import_request, &import_response);
955 ASSERT_EQ(KM_ERROR_OK, import_response.error);
956 EXPECT_EQ(0U, import_response.enforced.size());
957 EXPECT_GT(import_response.unenforced.size(), 0U);
958
959 // Check values derived from the key.
960 EXPECT_TRUE(contains(import_response.unenforced, TAG_ALGORITHM, KM_ALGORITHM_DSA));
961 EXPECT_TRUE(contains(import_response.unenforced, TAG_KEY_SIZE, 1024));
962
963 // And values provided by GoogleKeymaster
964 EXPECT_TRUE(contains(import_response.unenforced, TAG_ORIGIN, KM_ORIGIN_IMPORTED));
965 EXPECT_TRUE(contains(import_response.unenforced, KM_TAG_CREATION_DATETIME));
966
967 size_t message_len = 48;
968 UniquePtr<uint8_t[]> message(new uint8_t[message_len]);
969 std::fill(message.get(), message.get() + message_len, 'a');
970 SignMessage(import_response.key_blob, message.get(), message_len);
971 ASSERT_TRUE(signature() != NULL);
972
973 BeginOperationRequest begin_request;
974 BeginOperationResponse begin_response;
975 begin_request.SetKeyMaterial(import_response.key_blob);
976 begin_request.purpose = KM_PURPOSE_VERIFY;
977 AddClientParams(&begin_request.additional_params);
978
979 device.BeginOperation(begin_request, &begin_response);
980 ASSERT_EQ(KM_ERROR_OK, begin_response.error);
981
982 UpdateOperationRequest update_request;
983 UpdateOperationResponse update_response;
984 update_request.op_handle = begin_response.op_handle;
985 update_request.input.Reinitialize(message.get(), message_len);
986 EXPECT_EQ(message_len, update_request.input.available_read());
987
988 device.UpdateOperation(update_request, &update_response);
989 ASSERT_EQ(KM_ERROR_OK, update_response.error);
990 EXPECT_EQ(0U, update_response.output.available_read());
991
992 FinishOperationRequest finish_request;
993 finish_request.op_handle = begin_response.op_handle;
994 finish_request.signature.Reinitialize(*signature());
995 FinishOperationResponse finish_response;
996 device.FinishOperation(finish_request, &finish_response);
997 ASSERT_EQ(KM_ERROR_OK, finish_response.error);
998 EXPECT_EQ(0U, finish_response.output.available_read());
999
1000 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
1001 }
1002
TEST_F(ImportKeyTest,EcdsaSuccess)1003 TEST_F(ImportKeyTest, EcdsaSuccess) {
1004 keymaster_key_param_t params[] = {
1005 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
1006 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
1007 Authorization(TAG_DIGEST, KM_DIGEST_NONE),
1008 Authorization(TAG_PADDING, KM_PAD_NONE),
1009 Authorization(TAG_USER_ID, 7),
1010 Authorization(TAG_USER_AUTH_ID, 8),
1011 Authorization(TAG_APPLICATION_ID, "app_id", 6),
1012 Authorization(TAG_AUTH_TIMEOUT, 300),
1013 };
1014
1015 string pk8_key = read_file("ec_privkey_pk8.der");
1016 ASSERT_EQ(138U, pk8_key.size());
1017
1018 ImportKeyRequest import_request;
1019 import_request.key_description.Reinitialize(params, array_length(params));
1020 import_request.key_format = KM_KEY_FORMAT_PKCS8;
1021 import_request.SetKeyMaterial(pk8_key.data(), pk8_key.size());
1022
1023 ImportKeyResponse import_response;
1024 device.ImportKey(import_request, &import_response);
1025 ASSERT_EQ(KM_ERROR_OK, import_response.error);
1026 EXPECT_EQ(0U, import_response.enforced.size());
1027 EXPECT_GT(import_response.unenforced.size(), 0U);
1028
1029 // Check values derived from the key.
1030 EXPECT_TRUE(contains(import_response.unenforced, TAG_ALGORITHM, KM_ALGORITHM_ECDSA));
1031 EXPECT_TRUE(contains(import_response.unenforced, TAG_KEY_SIZE, 256));
1032
1033 // And values provided by GoogleKeymaster
1034 EXPECT_TRUE(contains(import_response.unenforced, TAG_ORIGIN, KM_ORIGIN_IMPORTED));
1035 EXPECT_TRUE(contains(import_response.unenforced, KM_TAG_CREATION_DATETIME));
1036
1037 size_t message_len = 1024 / 8;
1038 UniquePtr<uint8_t[]> message(new uint8_t[message_len]);
1039 std::fill(message.get(), message.get() + message_len, 'a');
1040 SignMessage(import_response.key_blob, message.get(), message_len);
1041 ASSERT_TRUE(signature() != NULL);
1042
1043 BeginOperationRequest begin_request;
1044 BeginOperationResponse begin_response;
1045 begin_request.SetKeyMaterial(import_response.key_blob);
1046 begin_request.purpose = KM_PURPOSE_VERIFY;
1047 AddClientParams(&begin_request.additional_params);
1048
1049 device.BeginOperation(begin_request, &begin_response);
1050 ASSERT_EQ(KM_ERROR_OK, begin_response.error);
1051
1052 UpdateOperationRequest update_request;
1053 UpdateOperationResponse update_response;
1054 update_request.op_handle = begin_response.op_handle;
1055 update_request.input.Reinitialize(message.get(), message_len);
1056 EXPECT_EQ(message_len, update_request.input.available_read());
1057
1058 device.UpdateOperation(update_request, &update_response);
1059 ASSERT_EQ(KM_ERROR_OK, update_response.error);
1060 EXPECT_EQ(0U, update_response.output.available_read());
1061
1062 FinishOperationRequest finish_request;
1063 finish_request.op_handle = begin_response.op_handle;
1064 finish_request.signature.Reinitialize(*signature());
1065 FinishOperationResponse finish_response;
1066 device.FinishOperation(finish_request, &finish_response);
1067 ASSERT_EQ(KM_ERROR_OK, finish_response.error);
1068 EXPECT_EQ(0U, finish_response.output.available_read());
1069
1070 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
1071 }
1072
1073 } // namespace test
1074 } // namespace keymaster
1075