1 /*
2  * Copyright (C) 2012 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #include <fcntl.h>
18 #include <stdlib.h>
19 #include <unistd.h>
20 #include <sys/mman.h>
21 #include <sys/stat.h>
22 #include <sys/types.h>
23 
24 #include <fstream>
25 #include <iostream>
26 
27 #include <gtest/gtest.h>
28 
29 #include <openssl/bn.h>
30 #include <openssl/evp.h>
31 #include <openssl/x509.h>
32 
33 #define LOG_TAG "keymaster_test"
34 #include <utils/Log.h>
35 
36 #include <UniquePtr.h>
37 
38 #include <hardware/keymaster0.h>
39 
40 namespace android {
41 
42 class UniqueBlob : public UniquePtr<uint8_t[]> {
43 public:
UniqueBlob(size_t length)44     explicit UniqueBlob(size_t length) :
45             mLength(length) {
46     }
47 
UniqueBlob(uint8_t * bytes,size_t length)48     UniqueBlob(uint8_t* bytes, size_t length) :
49             UniquePtr<uint8_t[]>(bytes), mLength(length) {
50     }
51 
operator ==(const UniqueBlob & other) const52     bool operator==(const UniqueBlob &other) const {
53         if (other.length() != mLength) {
54             return false;
55         }
56 
57         const uint8_t* mine = get();
58         const uint8_t* theirs = other.get();
59 
60         for (size_t i = 0; i < mLength; i++) {
61             if (mine[i] != theirs[i]) {
62                 return false;
63             }
64         }
65 
66         return true;
67     }
68 
length() const69     size_t length() const {
70         return mLength;
71     }
72 
73     friend std::ostream &operator<<(std::ostream &stream, const UniqueBlob& blob);
74 
75 private:
76     size_t mLength;
77 };
78 
operator <<(std::ostream & stream,const UniqueBlob & blob)79 std::ostream &operator<<(std::ostream &stream, const UniqueBlob& blob) {
80     const size_t length = blob.mLength;
81     stream << "Blob length=" << length << " < ";
82 
83     const uint8_t* data = blob.get();
84     for (size_t i = 0; i < length; i++) {
85         stream << std::hex << std::setw(2) << std::setfill('0')
86                 << static_cast<unsigned int>(data[i]) << ' ';
87     }
88     stream << '>' << std::endl;
89 
90     return stream;
91 }
92 
93 class UniqueKey : public UniqueBlob {
94 public:
UniqueKey(keymaster0_device_t ** dev,uint8_t * bytes,size_t length)95     UniqueKey(keymaster0_device_t** dev, uint8_t* bytes, size_t length) :
96             UniqueBlob(bytes, length), mDevice(dev) {
97     }
98 
~UniqueKey()99     ~UniqueKey() {
100         if (mDevice != NULL && *mDevice != NULL) {
101             keymaster0_device_t* dev = *mDevice;
102             if (dev->delete_keypair != NULL) {
103                 dev->delete_keypair(dev, get(), length());
104             }
105         }
106     }
107 
108 private:
109     keymaster0_device_t** mDevice;
110 };
111 
112 class UniqueReadOnlyBlob {
113 public:
UniqueReadOnlyBlob(uint8_t * data,size_t dataSize)114     UniqueReadOnlyBlob(uint8_t* data, size_t dataSize) :
115             mDataSize(dataSize) {
116         int pageSize = sysconf(_SC_PAGE_SIZE);
117         if (pageSize == -1) {
118             return;
119         }
120 
121         int fd = open("/dev/zero", O_RDONLY);
122         if (fd == -1) {
123             return;
124         }
125 
126         mBufferSize = (dataSize + pageSize - 1) & ~(pageSize - 1);
127         uint8_t* buffer = (uint8_t*) mmap(NULL, mBufferSize, PROT_READ | PROT_WRITE,
128                                           MAP_PRIVATE, fd, 0);
129         close(fd);
130 
131         if (buffer == NULL) {
132             return;
133         }
134 
135         memcpy(buffer, data, dataSize);
136         if (mprotect(buffer, mBufferSize, PROT_READ) == -1) {
137             munmap(buffer, mBufferSize);
138             return;
139         }
140 
141         mBuffer = buffer;
142     }
143 
~UniqueReadOnlyBlob()144     ~UniqueReadOnlyBlob() {
145         munmap(mBuffer, mBufferSize);
146     }
147 
get() const148     uint8_t* get() const {
149         return mBuffer;
150     }
151 
length() const152     size_t length() const {
153         return mDataSize;
154     }
155 
156 private:
157     uint8_t* mBuffer;
158     size_t mBufferSize;
159     size_t mDataSize;
160 };
161 
162 struct BIGNUM_Delete {
operator ()android::BIGNUM_Delete163     void operator()(BIGNUM* p) const {
164         BN_free(p);
165     }
166 };
167 typedef UniquePtr<BIGNUM, BIGNUM_Delete> Unique_BIGNUM;
168 
169 struct EVP_PKEY_Delete {
operator ()android::EVP_PKEY_Delete170     void operator()(EVP_PKEY* p) const {
171         EVP_PKEY_free(p);
172     }
173 };
174 typedef UniquePtr<EVP_PKEY, EVP_PKEY_Delete> Unique_EVP_PKEY;
175 
176 struct PKCS8_PRIV_KEY_INFO_Delete {
operator ()android::PKCS8_PRIV_KEY_INFO_Delete177     void operator()(PKCS8_PRIV_KEY_INFO* p) const {
178         PKCS8_PRIV_KEY_INFO_free(p);
179     }
180 };
181 typedef UniquePtr<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_Delete> Unique_PKCS8_PRIV_KEY_INFO;
182 
183 struct RSA_Delete {
operator ()android::RSA_Delete184     void operator()(RSA* p) const {
185         RSA_free(p);
186     }
187 };
188 typedef UniquePtr<RSA, RSA_Delete> Unique_RSA;
189 
190 struct EC_KEY_Delete {
operator ()android::EC_KEY_Delete191     void operator()(EC_KEY* p) const {
192         EC_KEY_free(p);
193     }
194 };
195 typedef UniquePtr<EC_KEY, EC_KEY_Delete> Unique_EC_KEY;
196 
197 
198 /*
199  * DER-encoded PKCS#8 format RSA key. Generated using:
200  *
201  * openssl genrsa 2048 | openssl pkcs8 -topk8 -nocrypt -outform der | recode ../x1
202  */
203 static uint8_t TEST_RSA_KEY_1[] = {
204         0x30, 0x82, 0x04, 0xBE, 0x02, 0x01, 0x00, 0x30, 0x0D, 0x06, 0x09, 0x2A,
205         0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
206         0x04, 0xA8, 0x30, 0x82, 0x04, 0xA4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01,
207         0x01, 0x00, 0xD8, 0x58, 0xD4, 0x9F, 0xC0, 0xE8, 0xF0, 0xFF, 0x87, 0x27,
208         0x43, 0xE6, 0x2E, 0xE6, 0x9A, 0x42, 0x3B, 0x39, 0x94, 0x84, 0x43, 0x55,
209         0x8D, 0x20, 0x5B, 0x71, 0x88, 0xE6, 0xD1, 0x62, 0xC8, 0xF2, 0x20, 0xD0,
210         0x75, 0x13, 0x83, 0xA3, 0x5D, 0x19, 0xA8, 0x62, 0xD0, 0x5F, 0x3E, 0x8A,
211         0x7C, 0x0E, 0x26, 0xA9, 0xFF, 0xB2, 0x5E, 0x63, 0xAA, 0x3C, 0x8D, 0x13,
212         0x41, 0xAA, 0xD5, 0x03, 0x01, 0x01, 0x53, 0xC9, 0x02, 0x1C, 0xEC, 0xE8,
213         0xC4, 0x70, 0x3F, 0x43, 0xE5, 0x51, 0xD0, 0x6E, 0x52, 0x0B, 0xC4, 0x0A,
214         0xA3, 0x61, 0xDE, 0xE3, 0x72, 0x0C, 0x94, 0xF1, 0x1C, 0x2D, 0x36, 0x77,
215         0xBB, 0x16, 0xA8, 0x63, 0x4B, 0xD1, 0x07, 0x00, 0x42, 0x2D, 0x2B, 0x10,
216         0x80, 0x45, 0xF3, 0x0C, 0xF9, 0xC5, 0xAC, 0xCC, 0x64, 0x87, 0xFD, 0x5D,
217         0xC8, 0x51, 0xD4, 0x1C, 0x9E, 0x6E, 0x9B, 0xC4, 0x27, 0x5E, 0x73, 0xA7,
218         0x2A, 0xF6, 0x90, 0x42, 0x0C, 0x34, 0x93, 0xB7, 0x02, 0x19, 0xA9, 0x64,
219         0x6C, 0x46, 0x3B, 0x40, 0x02, 0x2F, 0x54, 0x69, 0x79, 0x26, 0x7D, 0xF6,
220         0x85, 0x90, 0x01, 0xD0, 0x21, 0x07, 0xD0, 0x14, 0x00, 0x65, 0x9C, 0xAC,
221         0x24, 0xE8, 0x78, 0x42, 0x3B, 0x90, 0x75, 0x19, 0x55, 0x11, 0x4E, 0xD9,
222         0xE6, 0x97, 0x87, 0xBC, 0x8D, 0x2C, 0x9B, 0xF0, 0x1F, 0x14, 0xEB, 0x6A,
223         0x57, 0xCE, 0x78, 0xAD, 0xCE, 0xD9, 0xFB, 0xB9, 0xA1, 0xEF, 0x0C, 0x1F,
224         0xDD, 0xE3, 0x5B, 0x73, 0xA0, 0xEC, 0x37, 0x9C, 0xE1, 0xFD, 0x86, 0x28,
225         0xC3, 0x4A, 0x42, 0xD0, 0xA3, 0xFE, 0x57, 0x09, 0x29, 0xD8, 0xF6, 0xEC,
226         0xE3, 0xC0, 0x71, 0x7C, 0x29, 0x27, 0xC2, 0xD1, 0x3E, 0x22, 0xBC, 0xBD,
227         0x5A, 0x85, 0x41, 0xF6, 0x15, 0xDA, 0x0C, 0x58, 0x5A, 0x61, 0x5B, 0x78,
228         0xB8, 0xAA, 0xEC, 0x5C, 0x1C, 0x79, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02,
229         0x82, 0x01, 0x00, 0x1D, 0x10, 0x31, 0xE0, 0x14, 0x26, 0x36, 0xD9, 0xDC,
230         0xEA, 0x25, 0x70, 0xF2, 0xB3, 0xFF, 0xDD, 0x0D, 0xDF, 0xBA, 0x57, 0xDA,
231         0x43, 0xCF, 0xE5, 0x9C, 0xE3, 0x2F, 0xA4, 0xF2, 0x53, 0xF6, 0xF2, 0xAF,
232         0xFD, 0xD0, 0xFC, 0x82, 0x1E, 0x9C, 0x0F, 0x2A, 0x53, 0xBB, 0xF2, 0x4F,
233         0x90, 0x83, 0x01, 0xD3, 0xA7, 0xDA, 0xB5, 0xB7, 0x80, 0x64, 0x0A, 0x26,
234         0x59, 0x83, 0xE4, 0xD3, 0x20, 0xC8, 0x2D, 0xC9, 0x77, 0xA3, 0x55, 0x07,
235         0x6E, 0x6D, 0x95, 0x36, 0xAA, 0x84, 0x4F, 0xED, 0x54, 0x24, 0xA9, 0x77,
236         0xF8, 0x85, 0xE2, 0x4B, 0xF2, 0xFA, 0x0B, 0x3E, 0xA6, 0xF5, 0x46, 0x0D,
237         0x9F, 0x1F, 0xFE, 0xF7, 0x37, 0xFF, 0xA3, 0x60, 0xF1, 0x63, 0xF2, 0x75,
238         0x6A, 0x8E, 0x10, 0xD7, 0x89, 0xD2, 0xB3, 0xFF, 0x76, 0xA5, 0xBA, 0xAF,
239         0x0A, 0xBE, 0x32, 0x5F, 0xF0, 0x48, 0x48, 0x4B, 0x9C, 0x9A, 0x3D, 0x12,
240         0xA7, 0xD2, 0x07, 0xC7, 0x59, 0x32, 0x94, 0x95, 0x65, 0x2F, 0x87, 0x34,
241         0x76, 0xBA, 0x7C, 0x08, 0x4B, 0xAB, 0xA6, 0x24, 0xDF, 0x64, 0xDB, 0x48,
242         0x63, 0x42, 0x06, 0xE2, 0x2C, 0x3D, 0xFB, 0xE5, 0x47, 0x81, 0x94, 0x98,
243         0xF7, 0x32, 0x4B, 0x28, 0xEB, 0x42, 0xB8, 0xE9, 0x8E, 0xFC, 0xC9, 0x43,
244         0xC9, 0x47, 0xE6, 0xE7, 0x1C, 0xDC, 0x71, 0xEF, 0x4D, 0x8A, 0xB1, 0xFC,
245         0x45, 0x37, 0xEC, 0xB3, 0x16, 0x88, 0x5B, 0xE2, 0xEC, 0x8B, 0x6B, 0x75,
246         0x16, 0xBE, 0x6B, 0xF8, 0x2C, 0xF8, 0xC9, 0xD1, 0xF7, 0x55, 0x87, 0x57,
247         0x5F, 0xDE, 0xF4, 0x7E, 0x72, 0x13, 0x06, 0x2A, 0x21, 0xB7, 0x78, 0x21,
248         0x05, 0xFD, 0xE2, 0x5F, 0x7B, 0x7C, 0xF0, 0x26, 0x2B, 0x75, 0x7F, 0x68,
249         0xF9, 0xA6, 0x98, 0xFD, 0x54, 0x0E, 0xCC, 0x22, 0x41, 0x7F, 0x29, 0x81,
250         0x2F, 0xA3, 0x3C, 0x3D, 0x64, 0xC8, 0x41, 0x02, 0x81, 0x81, 0x00, 0xFA,
251         0xFA, 0xE4, 0x2E, 0x30, 0xF0, 0x7A, 0x8D, 0x95, 0xB8, 0x39, 0x58, 0x27,
252         0x0F, 0x89, 0x0C, 0xDF, 0xFE, 0x2F, 0x55, 0x3B, 0x6F, 0xDD, 0x5F, 0x12,
253         0xB3, 0xD1, 0xCF, 0x5B, 0x8D, 0xB6, 0x10, 0x1C, 0x87, 0x0C, 0x30, 0x89,
254         0x2D, 0xBB, 0xB8, 0xA1, 0x78, 0x0F, 0x54, 0xA6, 0x36, 0x46, 0x05, 0x8B,
255         0x5A, 0xFF, 0x48, 0x03, 0x13, 0xAE, 0x95, 0x96, 0x5D, 0x6C, 0xDA, 0x5D,
256         0xF7, 0xAD, 0x1D, 0x33, 0xED, 0x23, 0xF5, 0x4B, 0x03, 0x78, 0xE7, 0x50,
257         0xD1, 0x2D, 0x95, 0x22, 0x35, 0x02, 0x5B, 0x4A, 0x4E, 0x73, 0xC9, 0xB7,
258         0x05, 0xC4, 0x21, 0x86, 0x1F, 0x1E, 0x40, 0x83, 0xBC, 0x8A, 0x3A, 0x95,
259         0x24, 0x62, 0xF4, 0x58, 0x38, 0x64, 0x4A, 0x89, 0x8A, 0x27, 0x59, 0x12,
260         0x9D, 0x21, 0xC3, 0xA6, 0x42, 0x1E, 0x2A, 0x3F, 0xD8, 0x65, 0x1F, 0x6E,
261         0x3E, 0x4D, 0x5C, 0xCC, 0xEA, 0x8E, 0x15, 0x02, 0x81, 0x81, 0x00, 0xDC,
262         0xAC, 0x9B, 0x00, 0xDB, 0xF9, 0xB2, 0xBF, 0xC4, 0x5E, 0xB6, 0xB7, 0x63,
263         0xEB, 0x13, 0x4B, 0xE2, 0xA6, 0xC8, 0x72, 0x90, 0xD8, 0xC2, 0x33, 0x33,
264         0xF0, 0x66, 0x75, 0xBD, 0x50, 0x7C, 0xA4, 0x8F, 0x82, 0xFB, 0xFF, 0x44,
265         0x3B, 0xE7, 0x15, 0x3A, 0x0C, 0x7A, 0xF8, 0x92, 0x86, 0x4A, 0x79, 0x32,
266         0x08, 0x82, 0x1D, 0x6A, 0xBA, 0xAD, 0x8A, 0xB3, 0x3D, 0x7F, 0xA5, 0xB4,
267         0x6F, 0x67, 0x86, 0x7E, 0xB2, 0x9C, 0x2A, 0xF6, 0x7C, 0x49, 0x21, 0xC5,
268         0x3F, 0x00, 0x3F, 0x9B, 0xF7, 0x0F, 0x6C, 0x35, 0x80, 0x75, 0x73, 0xC0,
269         0xF8, 0x3E, 0x30, 0x5F, 0x74, 0x2F, 0x15, 0x41, 0xEA, 0x0F, 0xCE, 0x0E,
270         0x18, 0x17, 0x68, 0xBA, 0xC4, 0x29, 0xF2, 0xE2, 0x2C, 0x1D, 0x55, 0x83,
271         0xB6, 0x64, 0x2E, 0x03, 0x12, 0xA4, 0x0D, 0xBF, 0x4F, 0x2E, 0xBE, 0x7C,
272         0x41, 0xD9, 0xCD, 0xD0, 0x52, 0x91, 0xD5, 0x02, 0x81, 0x81, 0x00, 0xD4,
273         0x55, 0xEB, 0x32, 0xC1, 0x28, 0xD3, 0x26, 0x72, 0x22, 0xB8, 0x31, 0x42,
274         0x6A, 0xBC, 0x52, 0x6E, 0x37, 0x48, 0xA8, 0x5D, 0x6E, 0xD8, 0xE5, 0x14,
275         0x97, 0x99, 0xCC, 0x4A, 0xF2, 0xEB, 0xB3, 0x59, 0xCF, 0x4F, 0x9A, 0xC8,
276         0x94, 0x2E, 0x9B, 0x97, 0xD0, 0x51, 0x78, 0x16, 0x5F, 0x18, 0x82, 0x9C,
277         0x51, 0xD2, 0x64, 0x84, 0x65, 0xE4, 0x70, 0x9E, 0x14, 0x50, 0x81, 0xB6,
278         0xBA, 0x52, 0x75, 0xC0, 0x76, 0xC2, 0xD3, 0x46, 0x31, 0x9B, 0xDA, 0x67,
279         0xDF, 0x71, 0x27, 0x19, 0x17, 0xAB, 0xF4, 0xBC, 0x3A, 0xFF, 0x6F, 0x0B,
280         0x2F, 0x0F, 0xAE, 0x25, 0x20, 0xB2, 0xA1, 0x76, 0x52, 0xCE, 0xC7, 0x9D,
281         0x62, 0x79, 0x6D, 0xAC, 0x2D, 0x99, 0x7C, 0x0E, 0x3D, 0x19, 0xE9, 0x1B,
282         0xFC, 0x60, 0x92, 0x7C, 0x58, 0xB7, 0xD8, 0x9A, 0xC7, 0x63, 0x56, 0x62,
283         0x18, 0xC7, 0xAE, 0xD9, 0x97, 0x1F, 0xB9, 0x02, 0x81, 0x81, 0x00, 0x91,
284         0x40, 0xC4, 0x1E, 0x82, 0xAD, 0x0F, 0x6D, 0x8E, 0xD2, 0x51, 0x2E, 0xD1,
285         0x84, 0x30, 0x85, 0x68, 0xC1, 0x23, 0x7B, 0xD5, 0xBF, 0xF7, 0xC4, 0x40,
286         0x51, 0xE2, 0xFF, 0x69, 0x07, 0x8B, 0xA3, 0xBE, 0x1B, 0x17, 0xC8, 0x64,
287         0x9F, 0x91, 0x71, 0xB5, 0x6D, 0xF5, 0x9B, 0x9C, 0xC6, 0xEC, 0x4A, 0x6E,
288         0x16, 0x8F, 0x9E, 0xD1, 0x5B, 0xE3, 0x53, 0x42, 0xBC, 0x1E, 0x43, 0x72,
289         0x4B, 0x4A, 0x37, 0x8B, 0x3A, 0x01, 0xF5, 0x7D, 0x9D, 0x3D, 0x7E, 0x0F,
290         0x19, 0x73, 0x0E, 0x6B, 0x98, 0xE9, 0xFB, 0xEE, 0x13, 0x8A, 0x3C, 0x11,
291         0x2E, 0xD5, 0xB0, 0x7D, 0x84, 0x3A, 0x61, 0xA1, 0xAB, 0x71, 0x8F, 0xCE,
292         0x53, 0x29, 0x45, 0x74, 0x7A, 0x1E, 0xAA, 0x93, 0x19, 0x3A, 0x8D, 0xC9,
293         0x4E, 0xCB, 0x0E, 0x46, 0x53, 0x84, 0xCC, 0xCF, 0xBA, 0x4D, 0x28, 0x71,
294         0x1D, 0xDF, 0x41, 0xCB, 0xF8, 0x2D, 0xA9, 0x02, 0x81, 0x80, 0x04, 0x8B,
295         0x4A, 0xEA, 0xBD, 0x39, 0x0B, 0x96, 0xC5, 0x1D, 0xA4, 0x47, 0xFD, 0x46,
296         0xD2, 0x8A, 0xEA, 0x2A, 0xF3, 0x9D, 0x3A, 0x7E, 0x16, 0x74, 0xFC, 0x13,
297         0xDE, 0x4D, 0xA9, 0x85, 0x42, 0x33, 0x02, 0x92, 0x0B, 0xB6, 0xDB, 0x7E,
298         0xEA, 0x85, 0xC2, 0x94, 0x43, 0x52, 0x37, 0x5A, 0x77, 0xAB, 0xCB, 0x61,
299         0x88, 0xDE, 0xF8, 0xFA, 0xDB, 0xE8, 0x0B, 0x95, 0x7D, 0x39, 0x19, 0xA2,
300         0x89, 0xB9, 0x32, 0xB2, 0x50, 0x38, 0xF7, 0x88, 0x69, 0xFD, 0xA4, 0x63,
301         0x1F, 0x9B, 0x03, 0xD8, 0xA6, 0x7A, 0x05, 0x76, 0x02, 0x28, 0x93, 0x82,
302         0x73, 0x7F, 0x14, 0xCC, 0xBE, 0x29, 0x10, 0xAD, 0x8A, 0x2E, 0xAC, 0xED,
303         0x11, 0xA7, 0x72, 0x7C, 0x60, 0x78, 0x72, 0xFB, 0x78, 0x20, 0x18, 0xC9,
304         0x7E, 0x63, 0xAD, 0x55, 0x54, 0x51, 0xDB, 0x9F, 0x7B, 0xD4, 0x8F, 0xB2,
305         0xDE, 0x3B, 0xF1, 0x70, 0x23, 0xE5,
306 };
307 
308 /*
309  * DER-encoded PKCS#8 format EC key. Generated using:
310  *
311  * openssl ecparam -name prime256v1 -genkey -noout | openssl pkcs8 -topk8 -nocrypt -outform der | recode ../x1
312  */
313 static uint8_t TEST_EC_KEY_1[] = {
314         0x30, 0x81, 0x87, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86,
315         0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D,
316         0x03, 0x01, 0x07, 0x04, 0x6D, 0x30, 0x6B, 0x02, 0x01, 0x01, 0x04, 0x20,
317         0x25, 0xAC, 0x77, 0x2B, 0x04, 0x33, 0xC8, 0x16, 0x59, 0xA3, 0xC7, 0xE7,
318         0x11, 0x42, 0xD0, 0x11, 0x71, 0x30, 0x7B, 0xB8, 0xD2, 0x67, 0xFF, 0x9C,
319         0x5F, 0x50, 0x2E, 0xAB, 0x67, 0xD4, 0x17, 0x51, 0xA1, 0x44, 0x03, 0x42,
320         0x00, 0x04, 0xCF, 0xCE, 0xB8, 0x7F, 0x88, 0x36, 0xC4, 0xF8, 0x51, 0x29,
321         0xE2, 0xA7, 0x21, 0xC3, 0x3B, 0xFF, 0x88, 0xE3, 0x87, 0x98, 0xD1, 0xA6,
322         0x4B, 0xB3, 0x4B, 0xD5, 0x44, 0xF8, 0xE0, 0x43, 0x6B, 0x50, 0x74, 0xFB,
323         0xB0, 0xAD, 0x41, 0x1C, 0x11, 0x9D, 0xC6, 0x1E, 0x83, 0x8C, 0x49, 0xCA,
324         0xBE, 0xC6, 0xCE, 0xB6, 0xC9, 0xA1, 0xBF, 0x69, 0xA9, 0xA0, 0xA3, 0x80,
325         0x14, 0x39, 0x57, 0x94, 0xDA, 0x5D
326 };
327 
328 
329 /*
330  * Generated using keys on the keyboard and lack of imagination.
331  */
332 static unsigned char BOGUS_KEY_1[] = { 0xFF, 0xFF, 0xFF, 0xFF };
333 
334 
335 class KeymasterBaseTest : public ::testing::Test {
336 public:
SetUpTestCase()337     static void SetUpTestCase() {
338         const hw_module_t* mod;
339         ASSERT_EQ(0, hw_get_module_by_class(KEYSTORE_HARDWARE_MODULE_ID, NULL, &mod))
340                 << "Should be able to find a keymaster hardware module";
341 
342         std::cout << "Using keymaster module: " << mod->name << std::endl;
343 
344         ASSERT_EQ(0, keymaster0_open(mod, &sDevice))
345                 << "Should be able to open the keymaster device";
346 
347         ASSERT_EQ(KEYMASTER_MODULE_API_VERSION_0_2, mod->module_api_version)
348                 << "Keymaster should implement API version 2";
349 
350         ASSERT_TRUE(sDevice->generate_keypair != NULL)
351                 << "Should implement generate_keypair";
352 
353         ASSERT_TRUE(sDevice->import_keypair != NULL)
354                 << "Should implement import_keypair";
355 
356         ASSERT_TRUE(sDevice->get_keypair_public != NULL)
357                 << "Should implement get_keypair_public";
358 
359         ASSERT_TRUE(sDevice->sign_data != NULL)
360                 << "Should implement sign_data";
361 
362         ASSERT_TRUE(sDevice->verify_data != NULL)
363                 << "Should implement verify_data";
364     }
365 
TearDownTestCase()366     static void TearDownTestCase() {
367         ASSERT_EQ(0, keymaster0_close(sDevice));
368     }
369 
370 protected:
371     static keymaster0_device_t* sDevice;
372 };
373 
374 keymaster0_device_t* KeymasterBaseTest::sDevice = NULL;
375 
376 class KeymasterTest : public KeymasterBaseTest {
377 };
378 
379 class KeymasterAllTypesTest : public KeymasterBaseTest,
380                               public ::testing::WithParamInterface<keymaster_keypair_t> {
381 };
382 
383 class KeymasterGenerateRSATest : public KeymasterBaseTest,
384                               public ::testing::WithParamInterface<uint32_t> {
385 };
386 
387 class KeymasterGenerateDSATest : public KeymasterBaseTest,
388                               public ::testing::WithParamInterface<uint32_t> {
389 };
390 
391 class KeymasterGenerateECTest : public KeymasterBaseTest,
392                               public ::testing::WithParamInterface<uint32_t> {
393 };
394 
TEST_P(KeymasterGenerateRSATest,GenerateKeyPair_RSA_Success)395 TEST_P(KeymasterGenerateRSATest, GenerateKeyPair_RSA_Success) {
396     keymaster_keypair_t key_type = TYPE_RSA;
397     keymaster_rsa_keygen_params_t params = {
398             .modulus_size = GetParam(),
399             .public_exponent = RSA_F4,
400     };
401 
402     uint8_t* key_blob;
403     size_t key_blob_length;
404 
405     ASSERT_EQ(0,
406             sDevice->generate_keypair(sDevice, key_type, &params, &key_blob, &key_blob_length))
407             << "Should generate an RSA key with " << GetParam() << " bit modulus size";
408     UniqueKey key(&sDevice, key_blob, key_blob_length);
409 
410     uint8_t* x509_data = NULL;
411     size_t x509_data_length;
412     ASSERT_EQ(0,
413             sDevice->get_keypair_public(sDevice, key_blob, key_blob_length,
414                     &x509_data, &x509_data_length))
415             << "Should be able to retrieve RSA public key successfully";
416     UniqueBlob x509_blob(x509_data, x509_data_length);
417     ASSERT_FALSE(x509_blob.get() == NULL)
418             << "X509 data should be allocated";
419 
420     const unsigned char *tmp = static_cast<const unsigned char*>(x509_blob.get());
421     Unique_EVP_PKEY actual(d2i_PUBKEY((EVP_PKEY**) NULL, &tmp,
422             static_cast<long>(x509_blob.length())));
423 
424     ASSERT_EQ(EVP_PKEY_RSA, EVP_PKEY_type(actual.get()->type))
425             << "Generated key type should be of type RSA";
426 
427     Unique_RSA rsa(EVP_PKEY_get1_RSA(actual.get()));
428     ASSERT_FALSE(rsa.get() == NULL)
429             << "Should be able to extract RSA key from EVP_PKEY";
430 
431     ASSERT_EQ(static_cast<unsigned long>(RSA_F4), BN_get_word(rsa.get()->e))
432             << "Exponent should be RSA_F4";
433 
434     ASSERT_EQ((GetParam() + 7) / 8, static_cast<uint32_t>(RSA_size(rsa.get())))
435             << "Modulus size should be the specified parameter";
436 }
437 
438 INSTANTIATE_TEST_CASE_P(RSA,
439                         KeymasterGenerateRSATest,
440                         ::testing::Values(512U, 1024U, 2048U, 3072U, 4096U));
441 
442 
TEST_P(KeymasterGenerateECTest,GenerateKeyPair_EC_Success)443 TEST_P(KeymasterGenerateECTest, GenerateKeyPair_EC_Success) {
444     keymaster_keypair_t key_type = TYPE_EC;
445     keymaster_ec_keygen_params_t params = {
446             .field_size = GetParam(),
447     };
448 
449     uint8_t* key_blob;
450     size_t key_blob_length;
451 
452     ASSERT_EQ(0,
453             sDevice->generate_keypair(sDevice, key_type, &params, &key_blob, &key_blob_length))
454             << "Should generate an EC key with " << GetParam() << " field size";
455     UniqueKey key(&sDevice, key_blob, key_blob_length);
456 
457     uint8_t* x509_data = NULL;
458     size_t x509_data_length;
459     ASSERT_EQ(0,
460             sDevice->get_keypair_public(sDevice, key_blob, key_blob_length,
461                     &x509_data, &x509_data_length))
462             << "Should be able to retrieve EC public key successfully";
463     UniqueBlob x509_blob(x509_data, x509_data_length);
464     ASSERT_FALSE(x509_blob.get() == NULL)
465             << "X509 data should be allocated";
466 
467     const unsigned char *tmp = static_cast<const unsigned char*>(x509_blob.get());
468     Unique_EVP_PKEY actual(d2i_PUBKEY((EVP_PKEY**) NULL, &tmp,
469             static_cast<long>(x509_blob.length())));
470 
471     ASSERT_EQ(EVP_PKEY_EC, EVP_PKEY_type(actual.get()->type))
472             << "Generated key type should be of type EC";
473 
474     Unique_EC_KEY ecKey(EVP_PKEY_get1_EC_KEY(actual.get()));
475     ASSERT_FALSE(ecKey.get() == NULL)
476             << "Should be able to extract EC key from EVP_PKEY";
477 
478     ASSERT_FALSE(EC_KEY_get0_group(ecKey.get()) == NULL)
479             << "EC key should have a EC_GROUP";
480 
481     ASSERT_TRUE(EC_KEY_check_key(ecKey.get()))
482             << "EC key should check correctly";
483 }
484 
485 INSTANTIATE_TEST_CASE_P(EC,
486                         KeymasterGenerateECTest,
487                         ::testing::Values(192U, 224U, 256U, 384U, 521U));
488 
489 
TEST_P(KeymasterAllTypesTest,GenerateKeyPair_NullParams_Failure)490 TEST_P(KeymasterAllTypesTest, GenerateKeyPair_NullParams_Failure) {
491     keymaster_keypair_t key_type = GetParam();
492 
493     uint8_t* key_blob;
494     size_t key_blob_length;
495 
496     ASSERT_EQ(-1,
497             sDevice->generate_keypair(sDevice, key_type, NULL, &key_blob, &key_blob_length))
498             << "Should not be able to generate a key with null params";
499 }
500 
501 INSTANTIATE_TEST_CASE_P(Types,
502                         KeymasterAllTypesTest,
503                         ::testing::Values(TYPE_RSA, TYPE_DSA, TYPE_EC));
504 
TEST_F(KeymasterTest,GenerateKeyPair_UnknownType_Failure)505 TEST_F(KeymasterTest, GenerateKeyPair_UnknownType_Failure) {
506     keymaster_keypair_t key_type = static_cast<keymaster_keypair_t>(0xFFFF);
507 
508     uint8_t* key_blob;
509     size_t key_blob_length;
510 
511     ASSERT_EQ(-1,
512             sDevice->generate_keypair(sDevice, key_type, NULL, &key_blob, &key_blob_length))
513             << "Should not generate an unknown key type";
514 }
515 
TEST_F(KeymasterTest,ImportKeyPair_RSA_Success)516 TEST_F(KeymasterTest, ImportKeyPair_RSA_Success) {
517     uint8_t* key_blob;
518     size_t key_blob_length;
519 
520     ASSERT_EQ(0,
521             sDevice->import_keypair(sDevice, TEST_RSA_KEY_1, sizeof(TEST_RSA_KEY_1),
522                     &key_blob, &key_blob_length))
523             << "Should successfully import an RSA key";
524     UniqueKey key(&sDevice, key_blob, key_blob_length);
525 
526     uint8_t* x509_data;
527     size_t x509_data_length;
528     ASSERT_EQ(0,
529             sDevice->get_keypair_public(sDevice, key_blob, key_blob_length,
530                     &x509_data, &x509_data_length))
531             << "Should be able to retrieve RSA public key successfully";
532     UniqueBlob x509_blob(x509_data, x509_data_length);
533 
534     const unsigned char *tmp = static_cast<const unsigned char*>(x509_blob.get());
535     Unique_EVP_PKEY actual(d2i_PUBKEY((EVP_PKEY**) NULL, &tmp,
536             static_cast<long>(x509_blob.length())));
537 
538     ASSERT_EQ(EVP_PKEY_type(actual.get()->type), EVP_PKEY_RSA)
539             << "Generated key type should be of type RSA";
540 
541     const unsigned char *expectedTmp = static_cast<const unsigned char*>(TEST_RSA_KEY_1);
542     Unique_PKCS8_PRIV_KEY_INFO expectedPkcs8(
543             d2i_PKCS8_PRIV_KEY_INFO((PKCS8_PRIV_KEY_INFO**) NULL, &expectedTmp,
544                     sizeof(TEST_RSA_KEY_1)));
545 
546     Unique_EVP_PKEY expected(EVP_PKCS82PKEY(expectedPkcs8.get()));
547 
548     ASSERT_EQ(1, EVP_PKEY_cmp(expected.get(), actual.get()))
549             << "Expected and actual keys should match";
550 }
551 
TEST_F(KeymasterTest,ImportKeyPair_EC_Success)552 TEST_F(KeymasterTest, ImportKeyPair_EC_Success) {
553     uint8_t* key_blob;
554     size_t key_blob_length;
555 
556     ASSERT_EQ(0,
557             sDevice->import_keypair(sDevice, TEST_EC_KEY_1, sizeof(TEST_EC_KEY_1),
558                     &key_blob, &key_blob_length))
559             << "Should successfully import an EC key";
560     UniqueKey key(&sDevice, key_blob, key_blob_length);
561 
562     uint8_t* x509_data;
563     size_t x509_data_length;
564     ASSERT_EQ(0,
565             sDevice->get_keypair_public(sDevice, key_blob, key_blob_length,
566                     &x509_data, &x509_data_length))
567             << "Should be able to retrieve EC public key successfully";
568     UniqueBlob x509_blob(x509_data, x509_data_length);
569 
570     const unsigned char *tmp = static_cast<const unsigned char*>(x509_blob.get());
571     Unique_EVP_PKEY actual(d2i_PUBKEY((EVP_PKEY**) NULL, &tmp,
572             static_cast<long>(x509_blob.length())));
573 
574     ASSERT_EQ(EVP_PKEY_type(actual.get()->type), EVP_PKEY_EC)
575             << "Generated key type should be of type EC";
576 
577     const unsigned char *expectedTmp = static_cast<const unsigned char*>(TEST_EC_KEY_1);
578     Unique_PKCS8_PRIV_KEY_INFO expectedPkcs8(
579             d2i_PKCS8_PRIV_KEY_INFO((PKCS8_PRIV_KEY_INFO**) NULL, &expectedTmp,
580                     sizeof(TEST_EC_KEY_1)));
581 
582     Unique_EVP_PKEY expected(EVP_PKCS82PKEY(expectedPkcs8.get()));
583 
584     ASSERT_EQ(1, EVP_PKEY_cmp(expected.get(), actual.get()))
585             << "Expected and actual keys should match";
586 }
587 
TEST_F(KeymasterTest,ImportKeyPair_BogusKey_Failure)588 TEST_F(KeymasterTest, ImportKeyPair_BogusKey_Failure) {
589     uint8_t* key_blob;
590     size_t key_blob_length;
591 
592     ASSERT_EQ(-1,
593             sDevice->import_keypair(sDevice, BOGUS_KEY_1, sizeof(BOGUS_KEY_1),
594                     &key_blob, &key_blob_length))
595             << "Should not import an unknown key type";
596 }
597 
TEST_F(KeymasterTest,ImportKeyPair_NullKey_Failure)598 TEST_F(KeymasterTest, ImportKeyPair_NullKey_Failure) {
599     uint8_t* key_blob;
600     size_t key_blob_length;
601 
602     ASSERT_EQ(-1,
603             sDevice->import_keypair(sDevice, NULL, 0,
604                     &key_blob, &key_blob_length))
605             << "Should not import a null key";
606 }
607 
TEST_F(KeymasterTest,GetKeypairPublic_RSA_Success)608 TEST_F(KeymasterTest, GetKeypairPublic_RSA_Success) {
609     uint8_t* key_blob;
610     size_t key_blob_length;
611 
612     UniqueReadOnlyBlob testKey(TEST_RSA_KEY_1, sizeof(TEST_RSA_KEY_1));
613     ASSERT_TRUE(testKey.get() != NULL);
614 
615     ASSERT_EQ(0,
616             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
617                     &key_blob, &key_blob_length))
618             << "Should successfully import an RSA key";
619     UniqueKey key(&sDevice, key_blob, key_blob_length);
620 
621     uint8_t* x509_data;
622     size_t x509_data_length;
623     ASSERT_EQ(0,
624             sDevice->get_keypair_public(sDevice, key_blob, key_blob_length,
625                     &x509_data, &x509_data_length))
626             << "Should be able to retrieve RSA public key successfully";
627     UniqueBlob x509_blob(x509_data, x509_data_length);
628 }
629 
TEST_F(KeymasterTest,GetKeypairPublic_EC_Success)630 TEST_F(KeymasterTest, GetKeypairPublic_EC_Success) {
631     uint8_t* key_blob;
632     size_t key_blob_length;
633 
634     UniqueReadOnlyBlob testKey(TEST_EC_KEY_1, sizeof(TEST_EC_KEY_1));
635     ASSERT_TRUE(testKey.get() != NULL);
636 
637     ASSERT_EQ(0,
638             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
639                     &key_blob, &key_blob_length))
640             << "Should successfully import an EC key";
641     UniqueKey key(&sDevice, key_blob, key_blob_length);
642 
643     uint8_t* x509_data;
644     size_t x509_data_length;
645     ASSERT_EQ(0,
646             sDevice->get_keypair_public(sDevice, key_blob, key_blob_length,
647                     &x509_data, &x509_data_length))
648             << "Should be able to retrieve EC public key successfully";
649     UniqueBlob x509_blob(x509_data, x509_data_length);
650 }
651 
TEST_F(KeymasterTest,GetKeypairPublic_NullKey_Failure)652 TEST_F(KeymasterTest, GetKeypairPublic_NullKey_Failure) {
653     uint8_t* key_blob;
654     size_t key_blob_length;
655 
656     uint8_t* x509_data = NULL;
657     size_t x509_data_length;
658     ASSERT_EQ(-1,
659             sDevice->get_keypair_public(sDevice, NULL, 0,
660                     &x509_data, &x509_data_length))
661             << "Should not be able to retrieve public key from null key";
662     UniqueBlob x509_blob(x509_data, x509_data_length);
663 }
664 
TEST_F(KeymasterTest,GetKeypairPublic_RSA_NullDestination_Failure)665 TEST_F(KeymasterTest, GetKeypairPublic_RSA_NullDestination_Failure) {
666     uint8_t* key_blob;
667     size_t key_blob_length;
668 
669     UniqueReadOnlyBlob testKey(TEST_RSA_KEY_1, sizeof(TEST_RSA_KEY_1));
670     ASSERT_TRUE(testKey.get() != NULL);
671 
672     ASSERT_EQ(0,
673             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
674                     &key_blob, &key_blob_length))
675             << "Should successfully import an RSA key";
676     UniqueKey key(&sDevice, key_blob, key_blob_length);
677 
678     ASSERT_EQ(-1,
679             sDevice->get_keypair_public(sDevice, key.get(), key.length(),
680                     NULL, NULL))
681             << "Should not be able to succeed with NULL destination blob";
682 }
683 
TEST_F(KeymasterTest,GetKeypairPublic_EC_NullDestination_Failure)684 TEST_F(KeymasterTest, GetKeypairPublic_EC_NullDestination_Failure) {
685     uint8_t* key_blob;
686     size_t key_blob_length;
687 
688     UniqueReadOnlyBlob testKey(TEST_EC_KEY_1, sizeof(TEST_EC_KEY_1));
689     ASSERT_TRUE(testKey.get() != NULL);
690 
691     ASSERT_EQ(0,
692             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
693                     &key_blob, &key_blob_length))
694             << "Should successfully import an RSA key";
695     UniqueKey key(&sDevice, key_blob, key_blob_length);
696 
697     ASSERT_EQ(-1,
698             sDevice->get_keypair_public(sDevice, key.get(), key.length(),
699                     NULL, NULL))
700             << "Should not be able to succeed with NULL destination blob";
701 }
702 
TEST_F(KeymasterTest,DeleteKeyPair_RSA_Success)703 TEST_F(KeymasterTest, DeleteKeyPair_RSA_Success) {
704     uint8_t* key_blob;
705     size_t key_blob_length;
706 
707     UniqueReadOnlyBlob testKey(TEST_RSA_KEY_1, sizeof(TEST_RSA_KEY_1));
708     ASSERT_TRUE(testKey.get() != NULL);
709 
710     ASSERT_EQ(0,
711             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
712                     &key_blob, &key_blob_length))
713             << "Should successfully import an RSA key";
714     UniqueKey key(&sDevice, key_blob, key_blob_length);
715 }
716 
TEST_F(KeymasterTest,DeleteKeyPair_RSA_DoubleDelete_Failure)717 TEST_F(KeymasterTest, DeleteKeyPair_RSA_DoubleDelete_Failure) {
718     uint8_t* key_blob;
719     size_t key_blob_length;
720 
721     UniqueReadOnlyBlob testKey(TEST_RSA_KEY_1, sizeof(TEST_RSA_KEY_1));
722     ASSERT_TRUE(testKey.get() != NULL);
723 
724     /*
725      * This is only run if the module indicates it implements key deletion
726      * by implementing delete_keypair.
727      */
728     if (sDevice->delete_keypair != NULL) {
729         ASSERT_EQ(0,
730                 sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
731                         &key_blob, &key_blob_length))
732                 << "Should successfully import an RSA key";
733         UniqueBlob blob(key_blob, key_blob_length);
734 
735         ASSERT_EQ(0, sDevice->delete_keypair(sDevice, key_blob, key_blob_length))
736                 << "Should delete key after import";
737 
738         ASSERT_EQ(-1, sDevice->delete_keypair(sDevice, key_blob, key_blob_length))
739                 << "Should not be able to delete key twice";
740     }
741 }
742 
TEST_F(KeymasterTest,DeleteKeyPair_RSA_NullKey_Failure)743 TEST_F(KeymasterTest, DeleteKeyPair_RSA_NullKey_Failure) {
744     /*
745      * This is only run if the module indicates it implements key deletion
746      * by implementing delete_keypair.
747      */
748     if (sDevice->delete_keypair != NULL) {
749         ASSERT_EQ(-1, sDevice->delete_keypair(sDevice, NULL, 0))
750                 << "Should not be able to delete null key";
751     }
752 }
753 
754 /*
755  * DER-encoded PKCS#8 format RSA key. Generated using:
756  *
757  * openssl genrsa 512 | openssl pkcs8 -topk8 -nocrypt -outform der | recode ../x1
758  */
759 static uint8_t TEST_SIGN_RSA_KEY_1[] = {
760         0x30, 0x82, 0x01, 0x56, 0x02, 0x01, 0x00, 0x30, 0x0D, 0x06, 0x09, 0x2A,
761         0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
762         0x01, 0x40, 0x30, 0x82, 0x01, 0x3C, 0x02, 0x01, 0x00, 0x02, 0x41, 0x00,
763         0xBD, 0xC0, 0x7F, 0xEF, 0x75, 0x1D, 0x63, 0x2A, 0xD0, 0x9A, 0x26, 0xE5,
764         0x5B, 0xB9, 0x84, 0x7C, 0xE5, 0xC7, 0xE7, 0xDE, 0xFE, 0xB6, 0x54, 0xD9,
765         0xF0, 0x9B, 0xC2, 0xCF, 0x36, 0xDA, 0xE5, 0x4D, 0xC5, 0xD9, 0x25, 0x78,
766         0xBD, 0x55, 0x05, 0xBD, 0x86, 0xFB, 0x37, 0x15, 0x33, 0x42, 0x52, 0xED,
767         0xE5, 0xCD, 0xCB, 0xB7, 0xA2, 0x51, 0xFA, 0x36, 0xE9, 0x9C, 0x2E, 0x5D,
768         0xE3, 0xA5, 0x1F, 0x01, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x41, 0x00,
769         0x96, 0x71, 0xDE, 0xBD, 0x83, 0x94, 0x96, 0x40, 0xA6, 0xFD, 0xE1, 0xA2,
770         0xED, 0xD3, 0xAC, 0x28, 0xBE, 0xA2, 0x7D, 0xC3, 0xFF, 0x1D, 0x9F, 0x2E,
771         0xE0, 0xA7, 0x0E, 0x90, 0xEE, 0x44, 0x25, 0x92, 0xE3, 0x54, 0xDD, 0x55,
772         0xA3, 0xEF, 0x42, 0xF5, 0x52, 0x55, 0x41, 0x47, 0x5E, 0x00, 0xFB, 0x8B,
773         0x47, 0x5E, 0x45, 0x49, 0xEA, 0x3D, 0x2C, 0xFD, 0x9F, 0xEC, 0xC8, 0x4E,
774         0x4E, 0x86, 0x90, 0x31, 0x02, 0x21, 0x00, 0xE6, 0xA5, 0x55, 0xB3, 0x64,
775         0xAB, 0x90, 0x5E, 0xA2, 0xF5, 0x6B, 0x21, 0x4B, 0x15, 0xD6, 0x4A, 0xB6,
776         0x60, 0x24, 0x95, 0x65, 0xA2, 0xBE, 0xBA, 0x2A, 0x73, 0xFB, 0xFF, 0x2C,
777         0x61, 0x88, 0x9D, 0x02, 0x21, 0x00, 0xD2, 0x9C, 0x5B, 0xFE, 0x82, 0xA5,
778         0xFC, 0x52, 0x6A, 0x29, 0x38, 0xDB, 0x22, 0x3B, 0xEB, 0x74, 0x3B, 0xCA,
779         0xB4, 0xDD, 0x1D, 0xE4, 0x48, 0x60, 0x70, 0x19, 0x9B, 0x81, 0xC1, 0x83,
780         0x28, 0xB5, 0x02, 0x21, 0x00, 0x89, 0x2D, 0xFE, 0xF9, 0xF2, 0xBF, 0x43,
781         0xDF, 0xB5, 0xA6, 0xA8, 0x30, 0x26, 0x1B, 0x77, 0xD7, 0xF9, 0xFE, 0xD6,
782         0xE3, 0x70, 0x8E, 0xCA, 0x47, 0xA9, 0xA6, 0x50, 0x54, 0x25, 0xCE, 0x60,
783         0xD5, 0x02, 0x21, 0x00, 0xBE, 0x5A, 0xF8, 0x82, 0xE6, 0xCE, 0xE3, 0x6A,
784         0x11, 0xED, 0xC4, 0x27, 0xBB, 0x9F, 0x70, 0xC6, 0x93, 0xAC, 0x39, 0x20,
785         0x89, 0x7D, 0xE5, 0x34, 0xD4, 0xDD, 0x30, 0x42, 0x6D, 0x07, 0x00, 0xE9,
786         0x02, 0x20, 0x05, 0x91, 0xEF, 0x12, 0xD2, 0xD3, 0x6A, 0xD2, 0x96, 0x6B,
787         0x10, 0x62, 0xF9, 0xBA, 0xA4, 0x91, 0x48, 0x84, 0x40, 0x61, 0x67, 0x80,
788         0x68, 0x68, 0xC8, 0x60, 0xB3, 0x66, 0xC8, 0xF9, 0x08, 0x9A,
789 };
790 
791 /*
792  * DER-encoded PKCS#8 format EC key. Generated using:
793  *
794  * openssl ecparam -name prime256v1 -genkey -noout | openssl pkcs8 -topk8 -nocrypt -outform der | recode ../x1
795  */
796 static uint8_t TEST_SIGN_EC_KEY_1[] = {
797         0x30, 0x81, 0x87, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86,
798         0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D,
799         0x03, 0x01, 0x07, 0x04, 0x6D, 0x30, 0x6B, 0x02, 0x01, 0x01, 0x04, 0x20,
800         0x9E, 0x66, 0x11, 0x6A, 0x89, 0xF5, 0x78, 0x57, 0xF3, 0x35, 0xA2, 0x46,
801         0x09, 0x06, 0x4B, 0x4D, 0x81, 0xEC, 0xD3, 0x9B, 0x0A, 0xC4, 0x68, 0x06,
802         0xB8, 0x42, 0x24, 0x5E, 0x74, 0x2C, 0x62, 0x79, 0xA1, 0x44, 0x03, 0x42,
803         0x00, 0x04, 0x35, 0xB5, 0x9A, 0x5C, 0xE5, 0x52, 0x35, 0xF2, 0x10, 0x6C,
804         0xD9, 0x98, 0x67, 0xED, 0x5E, 0xCB, 0x6B, 0xB8, 0x96, 0x5E, 0x54, 0x7C,
805         0x34, 0x2A, 0xA3, 0x3B, 0xF3, 0xD1, 0x39, 0x48, 0x36, 0x7A, 0xEA, 0xD8,
806         0xCA, 0xDD, 0x40, 0x8F, 0xE9, 0xE0, 0x95, 0x2E, 0x3F, 0x95, 0x0F, 0x14,
807         0xD6, 0x14, 0x78, 0xB5, 0xAD, 0x17, 0xD2, 0x5A, 0x41, 0x96, 0x99, 0x20,
808         0xC7, 0x5B, 0x0F, 0x60, 0xFD, 0xBA
809 };
810 
811 /*
812  * PKCS#1 v1.5 padded raw "Hello, world"  Can be generated be generated by verifying
813  * the signature below in no padding mode:
814  *
815  * openssl rsautl -keyform der -inkey rsa.der -raw -verify -in test.sig
816  */
817 static uint8_t TEST_SIGN_DATA_1[] = {
818         0x00, 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
819         0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
820         0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
821         0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
822         0xFF, 0xFF, 0xFF, 0x00, 0x48, 0x65, 0x6C, 0x6C, 0x6F, 0x2C, 0x20, 0x77,
823         0x6F, 0x72, 0x6C, 0x64,
824 };
825 
826 /*
827  * Signature of TEST_SIGN_DATA_1 using TEST_SIGN_RSA_KEY_1. Generated using:
828  *
829  * echo 'Hello, world' | openssl rsautl -keyform der -inkey rsa.der -sign | recode ../x1
830  */
831 static uint8_t TEST_SIGN_RSA_SIGNATURE_1[] = {
832         0xA4, 0xBB, 0x76, 0x87, 0xFE, 0x61, 0x0C, 0x9D, 0xD6, 0xFF, 0x4B, 0x76,
833         0x96, 0x08, 0x36, 0x23, 0x11, 0xC6, 0x44, 0x3F, 0x88, 0x77, 0x97, 0xB2,
834         0xA8, 0x3B, 0xFB, 0x9C, 0x3C, 0xD3, 0x20, 0x65, 0xFD, 0x26, 0x3B, 0x2A,
835         0xB8, 0xB6, 0xD4, 0xDC, 0x91, 0xF7, 0xE2, 0xDE, 0x4D, 0xF7, 0x0E, 0xB9,
836         0x72, 0xA7, 0x29, 0x72, 0x82, 0x12, 0x7C, 0x53, 0x23, 0x21, 0xC4, 0xFF,
837         0x79, 0xE4, 0x91, 0x40,
838 };
839 
840 /*
841  * Identical to TEST_SIGN_RSA_SIGNATURE_1 except the last octet is '1' instead of '0'
842  * This should fail any test.
843  */
844 static uint8_t TEST_SIGN_SIGNATURE_BOGUS_1[] = {
845         0xA4, 0xBB, 0x76, 0x87, 0xFE, 0x61, 0x0C, 0x9D, 0xD6, 0xFF, 0x4B, 0x76,
846         0x96, 0x08, 0x36, 0x23, 0x11, 0xC6, 0x44, 0x3F, 0x88, 0x77, 0x97, 0xB2,
847         0xA8, 0x3B, 0xFB, 0x9C, 0x3C, 0xD3, 0x20, 0x65, 0xFD, 0x26, 0x3B, 0x2A,
848         0xB8, 0xB6, 0xD4, 0xDC, 0x91, 0xF7, 0xE2, 0xDE, 0x4D, 0xF7, 0x0E, 0xB9,
849         0x72, 0xA7, 0x29, 0x72, 0x82, 0x12, 0x7C, 0x53, 0x23, 0x21, 0xC4, 0xFF,
850         0x79, 0xE4, 0x91, 0x41,
851 };
852 
TEST_F(KeymasterTest,SignData_RSA_Raw_Success)853 TEST_F(KeymasterTest, SignData_RSA_Raw_Success) {
854     uint8_t* key_blob;
855     size_t key_blob_length;
856 
857     UniqueReadOnlyBlob testKey(TEST_SIGN_RSA_KEY_1, sizeof(TEST_SIGN_RSA_KEY_1));
858     ASSERT_TRUE(testKey.get() != NULL);
859 
860     ASSERT_EQ(0,
861             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
862                     &key_blob, &key_blob_length))
863             << "Should successfully import an RSA key";
864     UniqueKey key(&sDevice, key_blob, key_blob_length);
865 
866     keymaster_rsa_sign_params_t params = {
867             .digest_type = DIGEST_NONE,
868             .padding_type = PADDING_NONE,
869     };
870 
871     uint8_t* sig;
872     size_t sig_length;
873 
874     UniqueReadOnlyBlob testData(TEST_SIGN_DATA_1, sizeof(TEST_SIGN_DATA_1));
875     ASSERT_TRUE(testData.get() != NULL);
876 
877     ASSERT_EQ(0,
878             sDevice->sign_data(sDevice, &params, key_blob, key_blob_length,
879                     testData.get(), testData.length(),
880                     &sig, &sig_length))
881             << "Should sign data successfully";
882     UniqueBlob sig_blob(sig, sig_length);
883 
884     UniqueBlob expected_sig(TEST_SIGN_RSA_SIGNATURE_1, sizeof(TEST_SIGN_RSA_SIGNATURE_1));
885 
886     ASSERT_EQ(expected_sig, sig_blob)
887             << "Generated signature should match expected signature";
888 
889     // The expected signature is actually stack data, so don't let it try to free.
890     uint8_t* unused __attribute__((unused)) = expected_sig.release();
891 }
892 
TEST_F(KeymasterTest,SignData_EC_Success)893 TEST_F(KeymasterTest, SignData_EC_Success) {
894     uint8_t* key_blob;
895     size_t key_blob_length;
896 
897     UniqueReadOnlyBlob testKey(TEST_SIGN_EC_KEY_1, sizeof(TEST_SIGN_EC_KEY_1));
898     ASSERT_TRUE(testKey.get() != NULL);
899 
900     ASSERT_EQ(0,
901             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
902                     &key_blob, &key_blob_length))
903             << "Should successfully import an EC key";
904     UniqueKey key(&sDevice, key_blob, key_blob_length);
905 
906     keymaster_ec_sign_params_t params = {
907             .digest_type = DIGEST_NONE,
908     };
909 
910     uint8_t* sig;
911     size_t sig_length;
912 
913     UniqueReadOnlyBlob testData(TEST_SIGN_DATA_1, sizeof(TEST_SIGN_DATA_1));
914     ASSERT_TRUE(testData.get() != NULL);
915 
916     ASSERT_EQ(0,
917             sDevice->sign_data(sDevice, &params, key_blob, key_blob_length,
918                     testData.get(), testData.length(),
919                     &sig, &sig_length))
920             << "Should sign data successfully";
921     UniqueBlob sig_blob(sig, sig_length);
922 
923     uint8_t* x509_data;
924     size_t x509_data_length;
925     ASSERT_EQ(0,
926             sDevice->get_keypair_public(sDevice, key_blob, key_blob_length,
927                     &x509_data, &x509_data_length))
928             << "Should be able to retrieve RSA public key successfully";
929     UniqueBlob x509_blob(x509_data, x509_data_length);
930 
931     const unsigned char *tmp = static_cast<const unsigned char*>(x509_blob.get());
932     Unique_EVP_PKEY expected(d2i_PUBKEY((EVP_PKEY**) NULL, &tmp,
933             static_cast<long>(x509_blob.length())));
934 
935     Unique_EC_KEY ecKey(EVP_PKEY_get1_EC_KEY(expected.get()));
936 
937     ASSERT_EQ(1, ECDSA_verify(0, testData.get(), testData.length(), sig_blob.get(), sig_blob.length(), ecKey.get()))
938             << "Signature should verify";
939 }
940 
TEST_F(KeymasterTest,SignData_RSA_Raw_InvalidSizeInput_Failure)941 TEST_F(KeymasterTest, SignData_RSA_Raw_InvalidSizeInput_Failure) {
942     uint8_t* key_blob;
943     size_t key_blob_length;
944 
945     UniqueReadOnlyBlob testKey(TEST_SIGN_RSA_KEY_1, sizeof(TEST_SIGN_RSA_KEY_1));
946     ASSERT_TRUE(testKey.get() != NULL);
947 
948     ASSERT_EQ(0,
949             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
950                     &key_blob, &key_blob_length))
951             << "Should successfully import an RSA key";
952     UniqueKey key(&sDevice, key_blob, key_blob_length);
953 
954     keymaster_rsa_sign_params_t params = {
955             .digest_type = DIGEST_NONE,
956             .padding_type = PADDING_NONE,
957     };
958 
959     uint8_t* sig;
960     size_t sig_length;
961 
962     UniqueReadOnlyBlob testData(TEST_RSA_KEY_1, sizeof(TEST_RSA_KEY_1));
963     ASSERT_TRUE(testData.get() != NULL);
964 
965     ASSERT_EQ(-1,
966             sDevice->sign_data(sDevice, &params, key_blob, key_blob_length,
967                     testData.get(), testData.length(),
968                     &sig, &sig_length))
969             << "Should not be able to do raw signature on incorrect size data";
970 }
971 
TEST_F(KeymasterTest,SignData_RSA_Raw_NullKey_Failure)972 TEST_F(KeymasterTest, SignData_RSA_Raw_NullKey_Failure) {
973     keymaster_rsa_sign_params_t params = {
974             .digest_type = DIGEST_NONE,
975             .padding_type = PADDING_NONE,
976     };
977 
978     uint8_t* sig;
979     size_t sig_length;
980 
981     UniqueReadOnlyBlob testData(TEST_RSA_KEY_1, sizeof(TEST_RSA_KEY_1));
982     ASSERT_TRUE(testData.get() != NULL);
983 
984     ASSERT_EQ(-1,
985             sDevice->sign_data(sDevice, &params, NULL, 0,
986                     testData.get(), testData.length(),
987                     &sig, &sig_length))
988             << "Should not be able to do raw signature on incorrect size data";
989 }
990 
TEST_F(KeymasterTest,SignData_RSA_Raw_NullInput_Failure)991 TEST_F(KeymasterTest, SignData_RSA_Raw_NullInput_Failure) {
992     uint8_t* key_blob;
993     size_t key_blob_length;
994 
995     UniqueReadOnlyBlob testKey(TEST_SIGN_RSA_KEY_1, sizeof(TEST_SIGN_RSA_KEY_1));
996     ASSERT_TRUE(testKey.get() != NULL);
997 
998     ASSERT_EQ(0,
999             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
1000                     &key_blob, &key_blob_length))
1001             << "Should successfully import an RSA key";
1002     UniqueKey key(&sDevice, key_blob, key_blob_length);
1003 
1004     keymaster_rsa_sign_params_t params = {
1005             .digest_type = DIGEST_NONE,
1006             .padding_type = PADDING_NONE,
1007     };
1008 
1009     uint8_t* sig;
1010     size_t sig_length;
1011 
1012     ASSERT_EQ(-1,
1013             sDevice->sign_data(sDevice, &params, key_blob, key_blob_length,
1014                     NULL, 0,
1015                     &sig, &sig_length))
1016             << "Should error when input data is null";
1017 }
1018 
TEST_F(KeymasterTest,SignData_RSA_Raw_NullOutput_Failure)1019 TEST_F(KeymasterTest, SignData_RSA_Raw_NullOutput_Failure) {
1020     uint8_t* key_blob;
1021     size_t key_blob_length;
1022 
1023     UniqueReadOnlyBlob testKey(TEST_SIGN_RSA_KEY_1, sizeof(TEST_SIGN_RSA_KEY_1));
1024     ASSERT_TRUE(testKey.get() != NULL);
1025 
1026     ASSERT_EQ(0,
1027             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
1028                     &key_blob, &key_blob_length))
1029             << "Should successfully import an RSA key";
1030     UniqueKey key(&sDevice, key_blob, key_blob_length);
1031 
1032     keymaster_rsa_sign_params_t params = {
1033             .digest_type = DIGEST_NONE,
1034             .padding_type = PADDING_NONE,
1035     };
1036 
1037     uint8_t* sig;
1038     size_t sig_length;
1039 
1040     UniqueReadOnlyBlob testData(TEST_RSA_KEY_1, sizeof(TEST_RSA_KEY_1));
1041     ASSERT_TRUE(testData.get() != NULL);
1042 
1043     ASSERT_EQ(-1,
1044             sDevice->sign_data(sDevice, &params, key_blob, key_blob_length,
1045                     testData.get(), testData.length(),
1046                     NULL, NULL))
1047             << "Should error when output is null";
1048 }
1049 
TEST_F(KeymasterTest,VerifyData_RSA_Raw_Success)1050 TEST_F(KeymasterTest, VerifyData_RSA_Raw_Success) {
1051     uint8_t* key_blob;
1052     size_t key_blob_length;
1053 
1054     UniqueReadOnlyBlob testKey(TEST_SIGN_RSA_KEY_1, sizeof(TEST_SIGN_RSA_KEY_1));
1055     ASSERT_TRUE(testKey.get() != NULL);
1056 
1057     ASSERT_EQ(0,
1058             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
1059                     &key_blob, &key_blob_length))
1060             << "Should successfully import an RSA key";
1061     UniqueKey key(&sDevice, key_blob, key_blob_length);
1062 
1063     keymaster_rsa_sign_params_t params = {
1064             .digest_type = DIGEST_NONE,
1065             .padding_type = PADDING_NONE,
1066     };
1067 
1068     UniqueReadOnlyBlob testData(TEST_SIGN_DATA_1, sizeof(TEST_SIGN_DATA_1));
1069     ASSERT_TRUE(testData.get() != NULL);
1070 
1071     UniqueReadOnlyBlob testSig(TEST_SIGN_RSA_SIGNATURE_1, sizeof(TEST_SIGN_RSA_SIGNATURE_1));
1072     ASSERT_TRUE(testSig.get() != NULL);
1073 
1074     ASSERT_EQ(0,
1075             sDevice->verify_data(sDevice, &params, key_blob, key_blob_length,
1076                     testData.get(), testData.length(),
1077                     testSig.get(), testSig.length()))
1078             << "Should verify data successfully";
1079 }
1080 
TEST_F(KeymasterTest,VerifyData_EC_Raw_Success)1081 TEST_F(KeymasterTest, VerifyData_EC_Raw_Success) {
1082     uint8_t* key_blob;
1083     size_t key_blob_length;
1084 
1085     UniqueReadOnlyBlob testKey(TEST_SIGN_EC_KEY_1, sizeof(TEST_SIGN_EC_KEY_1));
1086     ASSERT_TRUE(testKey.get() != NULL);
1087 
1088     ASSERT_EQ(0,
1089             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
1090                     &key_blob, &key_blob_length))
1091             << "Should successfully import an RSA key";
1092     UniqueKey key(&sDevice, key_blob, key_blob_length);
1093 
1094     keymaster_ec_sign_params_t params = {
1095             .digest_type = DIGEST_NONE,
1096     };
1097 
1098     uint8_t* sig;
1099     size_t sig_length;
1100 
1101     UniqueReadOnlyBlob testData(TEST_SIGN_DATA_1, sizeof(TEST_SIGN_DATA_1));
1102     ASSERT_TRUE(testData.get() != NULL);
1103 
1104     ASSERT_EQ(0,
1105             sDevice->sign_data(sDevice, &params, key_blob, key_blob_length,
1106                     testData.get(), testData.length(),
1107                     &sig, &sig_length))
1108             << "Should sign data successfully";
1109     UniqueBlob sig_blob(sig, sig_length);
1110 
1111     ASSERT_EQ(0,
1112             sDevice->verify_data(sDevice, &params, key_blob, key_blob_length,
1113                     testData.get(), testData.length(),
1114                     sig_blob.get(), sig_blob.length()))
1115             << "Should verify data successfully";
1116 }
1117 
TEST_F(KeymasterTest,VerifyData_RSA_Raw_BadSignature_Failure)1118 TEST_F(KeymasterTest, VerifyData_RSA_Raw_BadSignature_Failure) {
1119     uint8_t* key_blob;
1120     size_t key_blob_length;
1121 
1122     UniqueReadOnlyBlob testKey(TEST_SIGN_RSA_KEY_1, sizeof(TEST_SIGN_RSA_KEY_1));
1123     ASSERT_TRUE(testKey.get() != NULL);
1124 
1125     ASSERT_EQ(0,
1126             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
1127                     &key_blob, &key_blob_length))
1128             << "Should successfully import an RSA key";
1129     UniqueKey key(&sDevice, key_blob, key_blob_length);
1130 
1131     keymaster_rsa_sign_params_t params = {
1132             .digest_type = DIGEST_NONE,
1133             .padding_type = PADDING_NONE,
1134     };
1135 
1136     ASSERT_EQ(-1,
1137             sDevice->verify_data(sDevice, &params, key_blob, key_blob_length,
1138                     TEST_SIGN_DATA_1, sizeof(TEST_SIGN_DATA_1),
1139                     TEST_SIGN_SIGNATURE_BOGUS_1, sizeof(TEST_SIGN_SIGNATURE_BOGUS_1)))
1140             << "Should sign data successfully";
1141 }
1142 
TEST_F(KeymasterTest,VerifyData_EC_Raw_BadSignature_Failure)1143 TEST_F(KeymasterTest, VerifyData_EC_Raw_BadSignature_Failure) {
1144     uint8_t* key_blob;
1145     size_t key_blob_length;
1146 
1147     UniqueReadOnlyBlob testKey(TEST_SIGN_EC_KEY_1, sizeof(TEST_SIGN_EC_KEY_1));
1148     ASSERT_TRUE(testKey.get() != NULL);
1149 
1150     ASSERT_EQ(0,
1151             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
1152                     &key_blob, &key_blob_length))
1153             << "Should successfully import an RSA key";
1154     UniqueKey key(&sDevice, key_blob, key_blob_length);
1155 
1156     keymaster_ec_sign_params_t params = {
1157             .digest_type = DIGEST_NONE,
1158     };
1159 
1160     ASSERT_EQ(-1,
1161             sDevice->verify_data(sDevice, &params, key_blob, key_blob_length,
1162                     TEST_SIGN_DATA_1, sizeof(TEST_SIGN_DATA_1),
1163                     TEST_SIGN_SIGNATURE_BOGUS_1, sizeof(TEST_SIGN_SIGNATURE_BOGUS_1)))
1164             << "Should sign data successfully";
1165 }
1166 
TEST_F(KeymasterTest,VerifyData_RSA_Raw_NullKey_Failure)1167 TEST_F(KeymasterTest, VerifyData_RSA_Raw_NullKey_Failure) {
1168     keymaster_rsa_sign_params_t params = {
1169             .digest_type = DIGEST_NONE,
1170             .padding_type = PADDING_NONE,
1171     };
1172 
1173     UniqueReadOnlyBlob testData(TEST_SIGN_DATA_1, sizeof(TEST_SIGN_DATA_1));
1174     ASSERT_TRUE(testData.get() != NULL);
1175 
1176     UniqueReadOnlyBlob testSig(TEST_SIGN_SIGNATURE_BOGUS_1, sizeof(TEST_SIGN_SIGNATURE_BOGUS_1));
1177     ASSERT_TRUE(testSig.get() != NULL);
1178 
1179     ASSERT_EQ(-1,
1180             sDevice->verify_data(sDevice, &params, NULL, 0,
1181                     testData.get(), testData.length(),
1182                     testSig.get(), testSig.length()))
1183             << "Should fail when key is null";
1184 }
1185 
TEST_F(KeymasterTest,VerifyData_RSA_NullInput_Failure)1186 TEST_F(KeymasterTest, VerifyData_RSA_NullInput_Failure) {
1187     uint8_t* key_blob;
1188     size_t key_blob_length;
1189 
1190     ASSERT_EQ(0,
1191             sDevice->import_keypair(sDevice, TEST_SIGN_RSA_KEY_1, sizeof(TEST_SIGN_RSA_KEY_1),
1192                     &key_blob, &key_blob_length))
1193             << "Should successfully import an RSA key";
1194     UniqueKey key(&sDevice, key_blob, key_blob_length);
1195 
1196     keymaster_rsa_sign_params_t params = {
1197             .digest_type = DIGEST_NONE,
1198             .padding_type = PADDING_NONE,
1199     };
1200 
1201     UniqueReadOnlyBlob testSig(TEST_SIGN_RSA_SIGNATURE_1, sizeof(TEST_SIGN_RSA_SIGNATURE_1));
1202     ASSERT_TRUE(testSig.get() != NULL);
1203 
1204     ASSERT_EQ(-1,
1205             sDevice->verify_data(sDevice, &params, key_blob, key_blob_length,
1206                     NULL, 0,
1207                     testSig.get(), testSig.length()))
1208             << "Should fail on null input";
1209 }
1210 
TEST_F(KeymasterTest,VerifyData_RSA_NullSignature_Failure)1211 TEST_F(KeymasterTest, VerifyData_RSA_NullSignature_Failure) {
1212     uint8_t* key_blob;
1213     size_t key_blob_length;
1214 
1215     UniqueReadOnlyBlob testKey(TEST_SIGN_RSA_KEY_1, sizeof(TEST_SIGN_RSA_KEY_1));
1216     ASSERT_TRUE(testKey.get() != NULL);
1217 
1218     ASSERT_EQ(0,
1219             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
1220                     &key_blob, &key_blob_length))
1221             << "Should successfully import an RSA key";
1222     UniqueKey key(&sDevice, key_blob, key_blob_length);
1223 
1224     keymaster_rsa_sign_params_t params = {
1225             .digest_type = DIGEST_NONE,
1226             .padding_type = PADDING_NONE,
1227     };
1228 
1229     UniqueReadOnlyBlob testData(TEST_SIGN_DATA_1, sizeof(TEST_SIGN_DATA_1));
1230     ASSERT_TRUE(testData.get() != NULL);
1231 
1232     ASSERT_EQ(-1,
1233             sDevice->verify_data(sDevice, &params, key.get(), key.length(),
1234                     testData.get(), testData.length(),
1235                     NULL, 0))
1236             << "Should fail on null signature";
1237 }
1238 
TEST_F(KeymasterTest,EraseAll_Success)1239 TEST_F(KeymasterTest, EraseAll_Success) {
1240     uint8_t *key1_blob, *key2_blob;
1241     size_t key1_blob_length, key2_blob_length;
1242 
1243     // Only test this if the device says it supports delete_all
1244     if (sDevice->delete_all == NULL) {
1245         return;
1246     }
1247 
1248     UniqueReadOnlyBlob testKey(TEST_SIGN_RSA_KEY_1, sizeof(TEST_SIGN_RSA_KEY_1));
1249     ASSERT_TRUE(testKey.get() != NULL);
1250 
1251     ASSERT_EQ(0,
1252             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
1253                     &key1_blob, &key1_blob_length))
1254             << "Should successfully import an RSA key";
1255     UniqueKey key1(&sDevice, key1_blob, key1_blob_length);
1256 
1257     UniqueReadOnlyBlob testKey2(TEST_SIGN_RSA_KEY_1, sizeof(TEST_SIGN_RSA_KEY_1));
1258     ASSERT_TRUE(testKey2.get() != NULL);
1259 
1260     ASSERT_EQ(0,
1261             sDevice->import_keypair(sDevice, testKey2.get(), testKey2.length(),
1262                     &key2_blob, &key2_blob_length))
1263             << "Should successfully import an RSA key";
1264     UniqueKey key2(&sDevice, key2_blob, key2_blob_length);
1265 
1266     ASSERT_EQ(0, sDevice->delete_all(sDevice))
1267             << "Should erase all keys";
1268 
1269     key1.reset();
1270 
1271     uint8_t* x509_data;
1272     size_t x509_data_length;
1273     ASSERT_EQ(-1,
1274             sDevice->get_keypair_public(sDevice, key1_blob, key1_blob_length,
1275                     &x509_data, &x509_data_length))
1276             << "Should be able to retrieve RSA public key 1 successfully";
1277 
1278     ASSERT_EQ(-1,
1279             sDevice->get_keypair_public(sDevice, key2_blob, key2_blob_length,
1280                     &x509_data, &x509_data_length))
1281             << "Should be able to retrieve RSA public key 2 successfully";
1282 }
1283 
1284 }
1285