1 /*
2  * Copyright (C) 2012 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #include <fcntl.h>
18 #include <stdlib.h>
19 #include <unistd.h>
20 #include <sys/mman.h>
21 #include <sys/stat.h>
22 #include <sys/types.h>
23 
24 #include <fstream>
25 #include <iostream>
26 #include <memory>
27 
28 #include <gtest/gtest.h>
29 
30 #include <openssl/bn.h>
31 #include <openssl/evp.h>
32 #include <openssl/x509.h>
33 
34 #define LOG_TAG "keymaster_test"
35 #include <utils/Log.h>
36 
37 #include <hardware/keymaster0.h>
38 
39 namespace android {
40 
41 class UniqueBlob : public std::unique_ptr<uint8_t[]> {
42 public:
UniqueBlob(size_t length)43     explicit UniqueBlob(size_t length) :
44             mLength(length) {
45     }
46 
UniqueBlob(uint8_t * bytes,size_t length)47     UniqueBlob(uint8_t* bytes, size_t length) :
48             std::unique_ptr<uint8_t[]>(bytes), mLength(length) {
49     }
50 
operator ==(const UniqueBlob & other) const51     bool operator==(const UniqueBlob &other) const {
52         if (other.length() != mLength) {
53             return false;
54         }
55 
56         const uint8_t* mine = get();
57         const uint8_t* theirs = other.get();
58 
59         for (size_t i = 0; i < mLength; i++) {
60             if (mine[i] != theirs[i]) {
61                 return false;
62             }
63         }
64 
65         return true;
66     }
67 
length() const68     size_t length() const {
69         return mLength;
70     }
71 
72     friend std::ostream &operator<<(std::ostream &stream, const UniqueBlob& blob);
73 
74 private:
75     size_t mLength;
76 };
77 
operator <<(std::ostream & stream,const UniqueBlob & blob)78 std::ostream &operator<<(std::ostream &stream, const UniqueBlob& blob) {
79     const size_t length = blob.mLength;
80     stream << "Blob length=" << length << " < ";
81 
82     const uint8_t* data = blob.get();
83     for (size_t i = 0; i < length; i++) {
84         stream << std::hex << std::setw(2) << std::setfill('0')
85                 << static_cast<unsigned int>(data[i]) << ' ';
86     }
87     stream << '>' << std::endl;
88 
89     return stream;
90 }
91 
92 class UniqueKey : public UniqueBlob {
93 public:
UniqueKey(keymaster0_device_t ** dev,uint8_t * bytes,size_t length)94     UniqueKey(keymaster0_device_t** dev, uint8_t* bytes, size_t length) :
95             UniqueBlob(bytes, length), mDevice(dev) {
96     }
97 
~UniqueKey()98     ~UniqueKey() {
99         if (mDevice != NULL && *mDevice != NULL) {
100             keymaster0_device_t* dev = *mDevice;
101             if (dev->delete_keypair != NULL) {
102                 dev->delete_keypair(dev, get(), length());
103             }
104         }
105     }
106 
107 private:
108     keymaster0_device_t** mDevice;
109 };
110 
111 class UniqueReadOnlyBlob {
112 public:
UniqueReadOnlyBlob(uint8_t * data,size_t dataSize)113     UniqueReadOnlyBlob(uint8_t* data, size_t dataSize) :
114             mDataSize(dataSize) {
115         int pageSize = sysconf(_SC_PAGE_SIZE);
116         if (pageSize == -1) {
117             return;
118         }
119 
120         int fd = open("/dev/zero", O_RDONLY);
121         if (fd == -1) {
122             return;
123         }
124 
125         mBufferSize = (dataSize + pageSize - 1) & ~(pageSize - 1);
126         uint8_t* buffer = (uint8_t*) mmap(NULL, mBufferSize, PROT_READ | PROT_WRITE,
127                                           MAP_PRIVATE, fd, 0);
128         close(fd);
129 
130         if (buffer == NULL) {
131             return;
132         }
133 
134         memcpy(buffer, data, dataSize);
135         if (mprotect(buffer, mBufferSize, PROT_READ) == -1) {
136             munmap(buffer, mBufferSize);
137             return;
138         }
139 
140         mBuffer = buffer;
141     }
142 
~UniqueReadOnlyBlob()143     ~UniqueReadOnlyBlob() {
144         munmap(mBuffer, mBufferSize);
145     }
146 
get() const147     uint8_t* get() const {
148         return mBuffer;
149     }
150 
length() const151     size_t length() const {
152         return mDataSize;
153     }
154 
155 private:
156     uint8_t* mBuffer;
157     size_t mBufferSize;
158     size_t mDataSize;
159 };
160 
161 struct BIGNUM_Delete {
operator ()android::BIGNUM_Delete162     void operator()(BIGNUM* p) const {
163         BN_free(p);
164     }
165 };
166 typedef std::unique_ptr<BIGNUM, BIGNUM_Delete> Unique_BIGNUM;
167 
168 struct EVP_PKEY_Delete {
operator ()android::EVP_PKEY_Delete169     void operator()(EVP_PKEY* p) const {
170         EVP_PKEY_free(p);
171     }
172 };
173 typedef std::unique_ptr<EVP_PKEY, EVP_PKEY_Delete> Unique_EVP_PKEY;
174 
175 struct PKCS8_PRIV_KEY_INFO_Delete {
operator ()android::PKCS8_PRIV_KEY_INFO_Delete176     void operator()(PKCS8_PRIV_KEY_INFO* p) const {
177         PKCS8_PRIV_KEY_INFO_free(p);
178     }
179 };
180 typedef std::unique_ptr<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_Delete> Unique_PKCS8_PRIV_KEY_INFO;
181 
182 struct RSA_Delete {
operator ()android::RSA_Delete183     void operator()(RSA* p) const {
184         RSA_free(p);
185     }
186 };
187 typedef std::unique_ptr<RSA, RSA_Delete> Unique_RSA;
188 
189 struct EC_KEY_Delete {
operator ()android::EC_KEY_Delete190     void operator()(EC_KEY* p) const {
191         EC_KEY_free(p);
192     }
193 };
194 typedef std::unique_ptr<EC_KEY, EC_KEY_Delete> Unique_EC_KEY;
195 
196 
197 /*
198  * DER-encoded PKCS#8 format RSA key. Generated using:
199  *
200  * openssl genrsa 2048 | openssl pkcs8 -topk8 -nocrypt -outform der | recode ../x1
201  */
202 static uint8_t TEST_RSA_KEY_1[] = {
203         0x30, 0x82, 0x04, 0xBE, 0x02, 0x01, 0x00, 0x30, 0x0D, 0x06, 0x09, 0x2A,
204         0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
205         0x04, 0xA8, 0x30, 0x82, 0x04, 0xA4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01,
206         0x01, 0x00, 0xD8, 0x58, 0xD4, 0x9F, 0xC0, 0xE8, 0xF0, 0xFF, 0x87, 0x27,
207         0x43, 0xE6, 0x2E, 0xE6, 0x9A, 0x42, 0x3B, 0x39, 0x94, 0x84, 0x43, 0x55,
208         0x8D, 0x20, 0x5B, 0x71, 0x88, 0xE6, 0xD1, 0x62, 0xC8, 0xF2, 0x20, 0xD0,
209         0x75, 0x13, 0x83, 0xA3, 0x5D, 0x19, 0xA8, 0x62, 0xD0, 0x5F, 0x3E, 0x8A,
210         0x7C, 0x0E, 0x26, 0xA9, 0xFF, 0xB2, 0x5E, 0x63, 0xAA, 0x3C, 0x8D, 0x13,
211         0x41, 0xAA, 0xD5, 0x03, 0x01, 0x01, 0x53, 0xC9, 0x02, 0x1C, 0xEC, 0xE8,
212         0xC4, 0x70, 0x3F, 0x43, 0xE5, 0x51, 0xD0, 0x6E, 0x52, 0x0B, 0xC4, 0x0A,
213         0xA3, 0x61, 0xDE, 0xE3, 0x72, 0x0C, 0x94, 0xF1, 0x1C, 0x2D, 0x36, 0x77,
214         0xBB, 0x16, 0xA8, 0x63, 0x4B, 0xD1, 0x07, 0x00, 0x42, 0x2D, 0x2B, 0x10,
215         0x80, 0x45, 0xF3, 0x0C, 0xF9, 0xC5, 0xAC, 0xCC, 0x64, 0x87, 0xFD, 0x5D,
216         0xC8, 0x51, 0xD4, 0x1C, 0x9E, 0x6E, 0x9B, 0xC4, 0x27, 0x5E, 0x73, 0xA7,
217         0x2A, 0xF6, 0x90, 0x42, 0x0C, 0x34, 0x93, 0xB7, 0x02, 0x19, 0xA9, 0x64,
218         0x6C, 0x46, 0x3B, 0x40, 0x02, 0x2F, 0x54, 0x69, 0x79, 0x26, 0x7D, 0xF6,
219         0x85, 0x90, 0x01, 0xD0, 0x21, 0x07, 0xD0, 0x14, 0x00, 0x65, 0x9C, 0xAC,
220         0x24, 0xE8, 0x78, 0x42, 0x3B, 0x90, 0x75, 0x19, 0x55, 0x11, 0x4E, 0xD9,
221         0xE6, 0x97, 0x87, 0xBC, 0x8D, 0x2C, 0x9B, 0xF0, 0x1F, 0x14, 0xEB, 0x6A,
222         0x57, 0xCE, 0x78, 0xAD, 0xCE, 0xD9, 0xFB, 0xB9, 0xA1, 0xEF, 0x0C, 0x1F,
223         0xDD, 0xE3, 0x5B, 0x73, 0xA0, 0xEC, 0x37, 0x9C, 0xE1, 0xFD, 0x86, 0x28,
224         0xC3, 0x4A, 0x42, 0xD0, 0xA3, 0xFE, 0x57, 0x09, 0x29, 0xD8, 0xF6, 0xEC,
225         0xE3, 0xC0, 0x71, 0x7C, 0x29, 0x27, 0xC2, 0xD1, 0x3E, 0x22, 0xBC, 0xBD,
226         0x5A, 0x85, 0x41, 0xF6, 0x15, 0xDA, 0x0C, 0x58, 0x5A, 0x61, 0x5B, 0x78,
227         0xB8, 0xAA, 0xEC, 0x5C, 0x1C, 0x79, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02,
228         0x82, 0x01, 0x00, 0x1D, 0x10, 0x31, 0xE0, 0x14, 0x26, 0x36, 0xD9, 0xDC,
229         0xEA, 0x25, 0x70, 0xF2, 0xB3, 0xFF, 0xDD, 0x0D, 0xDF, 0xBA, 0x57, 0xDA,
230         0x43, 0xCF, 0xE5, 0x9C, 0xE3, 0x2F, 0xA4, 0xF2, 0x53, 0xF6, 0xF2, 0xAF,
231         0xFD, 0xD0, 0xFC, 0x82, 0x1E, 0x9C, 0x0F, 0x2A, 0x53, 0xBB, 0xF2, 0x4F,
232         0x90, 0x83, 0x01, 0xD3, 0xA7, 0xDA, 0xB5, 0xB7, 0x80, 0x64, 0x0A, 0x26,
233         0x59, 0x83, 0xE4, 0xD3, 0x20, 0xC8, 0x2D, 0xC9, 0x77, 0xA3, 0x55, 0x07,
234         0x6E, 0x6D, 0x95, 0x36, 0xAA, 0x84, 0x4F, 0xED, 0x54, 0x24, 0xA9, 0x77,
235         0xF8, 0x85, 0xE2, 0x4B, 0xF2, 0xFA, 0x0B, 0x3E, 0xA6, 0xF5, 0x46, 0x0D,
236         0x9F, 0x1F, 0xFE, 0xF7, 0x37, 0xFF, 0xA3, 0x60, 0xF1, 0x63, 0xF2, 0x75,
237         0x6A, 0x8E, 0x10, 0xD7, 0x89, 0xD2, 0xB3, 0xFF, 0x76, 0xA5, 0xBA, 0xAF,
238         0x0A, 0xBE, 0x32, 0x5F, 0xF0, 0x48, 0x48, 0x4B, 0x9C, 0x9A, 0x3D, 0x12,
239         0xA7, 0xD2, 0x07, 0xC7, 0x59, 0x32, 0x94, 0x95, 0x65, 0x2F, 0x87, 0x34,
240         0x76, 0xBA, 0x7C, 0x08, 0x4B, 0xAB, 0xA6, 0x24, 0xDF, 0x64, 0xDB, 0x48,
241         0x63, 0x42, 0x06, 0xE2, 0x2C, 0x3D, 0xFB, 0xE5, 0x47, 0x81, 0x94, 0x98,
242         0xF7, 0x32, 0x4B, 0x28, 0xEB, 0x42, 0xB8, 0xE9, 0x8E, 0xFC, 0xC9, 0x43,
243         0xC9, 0x47, 0xE6, 0xE7, 0x1C, 0xDC, 0x71, 0xEF, 0x4D, 0x8A, 0xB1, 0xFC,
244         0x45, 0x37, 0xEC, 0xB3, 0x16, 0x88, 0x5B, 0xE2, 0xEC, 0x8B, 0x6B, 0x75,
245         0x16, 0xBE, 0x6B, 0xF8, 0x2C, 0xF8, 0xC9, 0xD1, 0xF7, 0x55, 0x87, 0x57,
246         0x5F, 0xDE, 0xF4, 0x7E, 0x72, 0x13, 0x06, 0x2A, 0x21, 0xB7, 0x78, 0x21,
247         0x05, 0xFD, 0xE2, 0x5F, 0x7B, 0x7C, 0xF0, 0x26, 0x2B, 0x75, 0x7F, 0x68,
248         0xF9, 0xA6, 0x98, 0xFD, 0x54, 0x0E, 0xCC, 0x22, 0x41, 0x7F, 0x29, 0x81,
249         0x2F, 0xA3, 0x3C, 0x3D, 0x64, 0xC8, 0x41, 0x02, 0x81, 0x81, 0x00, 0xFA,
250         0xFA, 0xE4, 0x2E, 0x30, 0xF0, 0x7A, 0x8D, 0x95, 0xB8, 0x39, 0x58, 0x27,
251         0x0F, 0x89, 0x0C, 0xDF, 0xFE, 0x2F, 0x55, 0x3B, 0x6F, 0xDD, 0x5F, 0x12,
252         0xB3, 0xD1, 0xCF, 0x5B, 0x8D, 0xB6, 0x10, 0x1C, 0x87, 0x0C, 0x30, 0x89,
253         0x2D, 0xBB, 0xB8, 0xA1, 0x78, 0x0F, 0x54, 0xA6, 0x36, 0x46, 0x05, 0x8B,
254         0x5A, 0xFF, 0x48, 0x03, 0x13, 0xAE, 0x95, 0x96, 0x5D, 0x6C, 0xDA, 0x5D,
255         0xF7, 0xAD, 0x1D, 0x33, 0xED, 0x23, 0xF5, 0x4B, 0x03, 0x78, 0xE7, 0x50,
256         0xD1, 0x2D, 0x95, 0x22, 0x35, 0x02, 0x5B, 0x4A, 0x4E, 0x73, 0xC9, 0xB7,
257         0x05, 0xC4, 0x21, 0x86, 0x1F, 0x1E, 0x40, 0x83, 0xBC, 0x8A, 0x3A, 0x95,
258         0x24, 0x62, 0xF4, 0x58, 0x38, 0x64, 0x4A, 0x89, 0x8A, 0x27, 0x59, 0x12,
259         0x9D, 0x21, 0xC3, 0xA6, 0x42, 0x1E, 0x2A, 0x3F, 0xD8, 0x65, 0x1F, 0x6E,
260         0x3E, 0x4D, 0x5C, 0xCC, 0xEA, 0x8E, 0x15, 0x02, 0x81, 0x81, 0x00, 0xDC,
261         0xAC, 0x9B, 0x00, 0xDB, 0xF9, 0xB2, 0xBF, 0xC4, 0x5E, 0xB6, 0xB7, 0x63,
262         0xEB, 0x13, 0x4B, 0xE2, 0xA6, 0xC8, 0x72, 0x90, 0xD8, 0xC2, 0x33, 0x33,
263         0xF0, 0x66, 0x75, 0xBD, 0x50, 0x7C, 0xA4, 0x8F, 0x82, 0xFB, 0xFF, 0x44,
264         0x3B, 0xE7, 0x15, 0x3A, 0x0C, 0x7A, 0xF8, 0x92, 0x86, 0x4A, 0x79, 0x32,
265         0x08, 0x82, 0x1D, 0x6A, 0xBA, 0xAD, 0x8A, 0xB3, 0x3D, 0x7F, 0xA5, 0xB4,
266         0x6F, 0x67, 0x86, 0x7E, 0xB2, 0x9C, 0x2A, 0xF6, 0x7C, 0x49, 0x21, 0xC5,
267         0x3F, 0x00, 0x3F, 0x9B, 0xF7, 0x0F, 0x6C, 0x35, 0x80, 0x75, 0x73, 0xC0,
268         0xF8, 0x3E, 0x30, 0x5F, 0x74, 0x2F, 0x15, 0x41, 0xEA, 0x0F, 0xCE, 0x0E,
269         0x18, 0x17, 0x68, 0xBA, 0xC4, 0x29, 0xF2, 0xE2, 0x2C, 0x1D, 0x55, 0x83,
270         0xB6, 0x64, 0x2E, 0x03, 0x12, 0xA4, 0x0D, 0xBF, 0x4F, 0x2E, 0xBE, 0x7C,
271         0x41, 0xD9, 0xCD, 0xD0, 0x52, 0x91, 0xD5, 0x02, 0x81, 0x81, 0x00, 0xD4,
272         0x55, 0xEB, 0x32, 0xC1, 0x28, 0xD3, 0x26, 0x72, 0x22, 0xB8, 0x31, 0x42,
273         0x6A, 0xBC, 0x52, 0x6E, 0x37, 0x48, 0xA8, 0x5D, 0x6E, 0xD8, 0xE5, 0x14,
274         0x97, 0x99, 0xCC, 0x4A, 0xF2, 0xEB, 0xB3, 0x59, 0xCF, 0x4F, 0x9A, 0xC8,
275         0x94, 0x2E, 0x9B, 0x97, 0xD0, 0x51, 0x78, 0x16, 0x5F, 0x18, 0x82, 0x9C,
276         0x51, 0xD2, 0x64, 0x84, 0x65, 0xE4, 0x70, 0x9E, 0x14, 0x50, 0x81, 0xB6,
277         0xBA, 0x52, 0x75, 0xC0, 0x76, 0xC2, 0xD3, 0x46, 0x31, 0x9B, 0xDA, 0x67,
278         0xDF, 0x71, 0x27, 0x19, 0x17, 0xAB, 0xF4, 0xBC, 0x3A, 0xFF, 0x6F, 0x0B,
279         0x2F, 0x0F, 0xAE, 0x25, 0x20, 0xB2, 0xA1, 0x76, 0x52, 0xCE, 0xC7, 0x9D,
280         0x62, 0x79, 0x6D, 0xAC, 0x2D, 0x99, 0x7C, 0x0E, 0x3D, 0x19, 0xE9, 0x1B,
281         0xFC, 0x60, 0x92, 0x7C, 0x58, 0xB7, 0xD8, 0x9A, 0xC7, 0x63, 0x56, 0x62,
282         0x18, 0xC7, 0xAE, 0xD9, 0x97, 0x1F, 0xB9, 0x02, 0x81, 0x81, 0x00, 0x91,
283         0x40, 0xC4, 0x1E, 0x82, 0xAD, 0x0F, 0x6D, 0x8E, 0xD2, 0x51, 0x2E, 0xD1,
284         0x84, 0x30, 0x85, 0x68, 0xC1, 0x23, 0x7B, 0xD5, 0xBF, 0xF7, 0xC4, 0x40,
285         0x51, 0xE2, 0xFF, 0x69, 0x07, 0x8B, 0xA3, 0xBE, 0x1B, 0x17, 0xC8, 0x64,
286         0x9F, 0x91, 0x71, 0xB5, 0x6D, 0xF5, 0x9B, 0x9C, 0xC6, 0xEC, 0x4A, 0x6E,
287         0x16, 0x8F, 0x9E, 0xD1, 0x5B, 0xE3, 0x53, 0x42, 0xBC, 0x1E, 0x43, 0x72,
288         0x4B, 0x4A, 0x37, 0x8B, 0x3A, 0x01, 0xF5, 0x7D, 0x9D, 0x3D, 0x7E, 0x0F,
289         0x19, 0x73, 0x0E, 0x6B, 0x98, 0xE9, 0xFB, 0xEE, 0x13, 0x8A, 0x3C, 0x11,
290         0x2E, 0xD5, 0xB0, 0x7D, 0x84, 0x3A, 0x61, 0xA1, 0xAB, 0x71, 0x8F, 0xCE,
291         0x53, 0x29, 0x45, 0x74, 0x7A, 0x1E, 0xAA, 0x93, 0x19, 0x3A, 0x8D, 0xC9,
292         0x4E, 0xCB, 0x0E, 0x46, 0x53, 0x84, 0xCC, 0xCF, 0xBA, 0x4D, 0x28, 0x71,
293         0x1D, 0xDF, 0x41, 0xCB, 0xF8, 0x2D, 0xA9, 0x02, 0x81, 0x80, 0x04, 0x8B,
294         0x4A, 0xEA, 0xBD, 0x39, 0x0B, 0x96, 0xC5, 0x1D, 0xA4, 0x47, 0xFD, 0x46,
295         0xD2, 0x8A, 0xEA, 0x2A, 0xF3, 0x9D, 0x3A, 0x7E, 0x16, 0x74, 0xFC, 0x13,
296         0xDE, 0x4D, 0xA9, 0x85, 0x42, 0x33, 0x02, 0x92, 0x0B, 0xB6, 0xDB, 0x7E,
297         0xEA, 0x85, 0xC2, 0x94, 0x43, 0x52, 0x37, 0x5A, 0x77, 0xAB, 0xCB, 0x61,
298         0x88, 0xDE, 0xF8, 0xFA, 0xDB, 0xE8, 0x0B, 0x95, 0x7D, 0x39, 0x19, 0xA2,
299         0x89, 0xB9, 0x32, 0xB2, 0x50, 0x38, 0xF7, 0x88, 0x69, 0xFD, 0xA4, 0x63,
300         0x1F, 0x9B, 0x03, 0xD8, 0xA6, 0x7A, 0x05, 0x76, 0x02, 0x28, 0x93, 0x82,
301         0x73, 0x7F, 0x14, 0xCC, 0xBE, 0x29, 0x10, 0xAD, 0x8A, 0x2E, 0xAC, 0xED,
302         0x11, 0xA7, 0x72, 0x7C, 0x60, 0x78, 0x72, 0xFB, 0x78, 0x20, 0x18, 0xC9,
303         0x7E, 0x63, 0xAD, 0x55, 0x54, 0x51, 0xDB, 0x9F, 0x7B, 0xD4, 0x8F, 0xB2,
304         0xDE, 0x3B, 0xF1, 0x70, 0x23, 0xE5,
305 };
306 
307 /*
308  * DER-encoded PKCS#8 format EC key. Generated using:
309  *
310  * openssl ecparam -name prime256v1 -genkey -noout | openssl pkcs8 -topk8 -nocrypt -outform der | recode ../x1
311  */
312 static uint8_t TEST_EC_KEY_1[] = {
313         0x30, 0x81, 0x87, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86,
314         0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D,
315         0x03, 0x01, 0x07, 0x04, 0x6D, 0x30, 0x6B, 0x02, 0x01, 0x01, 0x04, 0x20,
316         0x25, 0xAC, 0x77, 0x2B, 0x04, 0x33, 0xC8, 0x16, 0x59, 0xA3, 0xC7, 0xE7,
317         0x11, 0x42, 0xD0, 0x11, 0x71, 0x30, 0x7B, 0xB8, 0xD2, 0x67, 0xFF, 0x9C,
318         0x5F, 0x50, 0x2E, 0xAB, 0x67, 0xD4, 0x17, 0x51, 0xA1, 0x44, 0x03, 0x42,
319         0x00, 0x04, 0xCF, 0xCE, 0xB8, 0x7F, 0x88, 0x36, 0xC4, 0xF8, 0x51, 0x29,
320         0xE2, 0xA7, 0x21, 0xC3, 0x3B, 0xFF, 0x88, 0xE3, 0x87, 0x98, 0xD1, 0xA6,
321         0x4B, 0xB3, 0x4B, 0xD5, 0x44, 0xF8, 0xE0, 0x43, 0x6B, 0x50, 0x74, 0xFB,
322         0xB0, 0xAD, 0x41, 0x1C, 0x11, 0x9D, 0xC6, 0x1E, 0x83, 0x8C, 0x49, 0xCA,
323         0xBE, 0xC6, 0xCE, 0xB6, 0xC9, 0xA1, 0xBF, 0x69, 0xA9, 0xA0, 0xA3, 0x80,
324         0x14, 0x39, 0x57, 0x94, 0xDA, 0x5D
325 };
326 
327 
328 /*
329  * Generated using keys on the keyboard and lack of imagination.
330  */
331 static unsigned char BOGUS_KEY_1[] = { 0xFF, 0xFF, 0xFF, 0xFF };
332 
333 
334 class KeymasterBaseTest : public ::testing::Test {
335 public:
SetUpTestCase()336     static void SetUpTestCase() {
337         const hw_module_t* mod;
338         ASSERT_EQ(0, hw_get_module_by_class(KEYSTORE_HARDWARE_MODULE_ID, NULL, &mod))
339                 << "Should be able to find a keymaster hardware module";
340 
341         std::cout << "Using keymaster module: " << mod->name << std::endl;
342 
343         ASSERT_EQ(0, keymaster0_open(mod, &sDevice))
344                 << "Should be able to open the keymaster device";
345 
346         ASSERT_EQ(KEYMASTER_MODULE_API_VERSION_0_2, mod->module_api_version)
347                 << "Keymaster should implement API version 2";
348 
349         ASSERT_TRUE(sDevice->generate_keypair != NULL)
350                 << "Should implement generate_keypair";
351 
352         ASSERT_TRUE(sDevice->import_keypair != NULL)
353                 << "Should implement import_keypair";
354 
355         ASSERT_TRUE(sDevice->get_keypair_public != NULL)
356                 << "Should implement get_keypair_public";
357 
358         ASSERT_TRUE(sDevice->sign_data != NULL)
359                 << "Should implement sign_data";
360 
361         ASSERT_TRUE(sDevice->verify_data != NULL)
362                 << "Should implement verify_data";
363     }
364 
TearDownTestCase()365     static void TearDownTestCase() {
366         ASSERT_EQ(0, keymaster0_close(sDevice));
367     }
368 
369 protected:
370     static keymaster0_device_t* sDevice;
371 };
372 
373 keymaster0_device_t* KeymasterBaseTest::sDevice = NULL;
374 
375 class KeymasterTest : public KeymasterBaseTest {
376 };
377 
378 class KeymasterAllTypesTest : public KeymasterBaseTest,
379                               public ::testing::WithParamInterface<keymaster_keypair_t> {
380 };
381 
382 class KeymasterGenerateRSATest : public KeymasterBaseTest,
383                               public ::testing::WithParamInterface<uint32_t> {
384 };
385 
386 class KeymasterGenerateDSATest : public KeymasterBaseTest,
387                               public ::testing::WithParamInterface<uint32_t> {
388 };
389 
390 class KeymasterGenerateECTest : public KeymasterBaseTest,
391                               public ::testing::WithParamInterface<uint32_t> {
392 };
393 
TEST_P(KeymasterGenerateRSATest,GenerateKeyPair_RSA_Success)394 TEST_P(KeymasterGenerateRSATest, GenerateKeyPair_RSA_Success) {
395     keymaster_keypair_t key_type = TYPE_RSA;
396     keymaster_rsa_keygen_params_t params = {
397             .modulus_size = GetParam(),
398             .public_exponent = RSA_F4,
399     };
400 
401     uint8_t* key_blob;
402     size_t key_blob_length;
403 
404     ASSERT_EQ(0,
405             sDevice->generate_keypair(sDevice, key_type, &params, &key_blob, &key_blob_length))
406             << "Should generate an RSA key with " << GetParam() << " bit modulus size";
407     UniqueKey key(&sDevice, key_blob, key_blob_length);
408 
409     uint8_t* x509_data = NULL;
410     size_t x509_data_length;
411     ASSERT_EQ(0,
412             sDevice->get_keypair_public(sDevice, key_blob, key_blob_length,
413                     &x509_data, &x509_data_length))
414             << "Should be able to retrieve RSA public key successfully";
415     UniqueBlob x509_blob(x509_data, x509_data_length);
416     ASSERT_FALSE(x509_blob.get() == NULL)
417             << "X509 data should be allocated";
418 
419     const unsigned char *tmp = static_cast<const unsigned char*>(x509_blob.get());
420     Unique_EVP_PKEY actual(d2i_PUBKEY((EVP_PKEY**) NULL, &tmp,
421             static_cast<long>(x509_blob.length())));
422 
423     ASSERT_EQ(EVP_PKEY_RSA, EVP_PKEY_type(actual.get()->type))
424             << "Generated key type should be of type RSA";
425 
426     Unique_RSA rsa(EVP_PKEY_get1_RSA(actual.get()));
427     ASSERT_FALSE(rsa.get() == NULL)
428             << "Should be able to extract RSA key from EVP_PKEY";
429 
430     ASSERT_EQ(static_cast<unsigned long>(RSA_F4), BN_get_word(rsa.get()->e))
431             << "Exponent should be RSA_F4";
432 
433     ASSERT_EQ((GetParam() + 7) / 8, static_cast<uint32_t>(RSA_size(rsa.get())))
434             << "Modulus size should be the specified parameter";
435 }
436 
437 INSTANTIATE_TEST_CASE_P(RSA,
438                         KeymasterGenerateRSATest,
439                         ::testing::Values(512U, 1024U, 2048U, 3072U, 4096U));
440 
441 
TEST_P(KeymasterGenerateECTest,GenerateKeyPair_EC_Success)442 TEST_P(KeymasterGenerateECTest, GenerateKeyPair_EC_Success) {
443     keymaster_keypair_t key_type = TYPE_EC;
444     keymaster_ec_keygen_params_t params = {
445             .field_size = GetParam(),
446     };
447 
448     uint8_t* key_blob;
449     size_t key_blob_length;
450 
451     ASSERT_EQ(0,
452             sDevice->generate_keypair(sDevice, key_type, &params, &key_blob, &key_blob_length))
453             << "Should generate an EC key with " << GetParam() << " field size";
454     UniqueKey key(&sDevice, key_blob, key_blob_length);
455 
456     uint8_t* x509_data = NULL;
457     size_t x509_data_length;
458     ASSERT_EQ(0,
459             sDevice->get_keypair_public(sDevice, key_blob, key_blob_length,
460                     &x509_data, &x509_data_length))
461             << "Should be able to retrieve EC public key successfully";
462     UniqueBlob x509_blob(x509_data, x509_data_length);
463     ASSERT_FALSE(x509_blob.get() == NULL)
464             << "X509 data should be allocated";
465 
466     const unsigned char *tmp = static_cast<const unsigned char*>(x509_blob.get());
467     Unique_EVP_PKEY actual(d2i_PUBKEY((EVP_PKEY**) NULL, &tmp,
468             static_cast<long>(x509_blob.length())));
469 
470     ASSERT_EQ(EVP_PKEY_EC, EVP_PKEY_type(actual.get()->type))
471             << "Generated key type should be of type EC";
472 
473     Unique_EC_KEY ecKey(EVP_PKEY_get1_EC_KEY(actual.get()));
474     ASSERT_FALSE(ecKey.get() == NULL)
475             << "Should be able to extract EC key from EVP_PKEY";
476 
477     ASSERT_FALSE(EC_KEY_get0_group(ecKey.get()) == NULL)
478             << "EC key should have a EC_GROUP";
479 
480     ASSERT_TRUE(EC_KEY_check_key(ecKey.get()))
481             << "EC key should check correctly";
482 }
483 
484 INSTANTIATE_TEST_CASE_P(EC,
485                         KeymasterGenerateECTest,
486                         ::testing::Values(192U, 224U, 256U, 384U, 521U));
487 
488 
TEST_P(KeymasterAllTypesTest,GenerateKeyPair_NullParams_Failure)489 TEST_P(KeymasterAllTypesTest, GenerateKeyPair_NullParams_Failure) {
490     keymaster_keypair_t key_type = GetParam();
491 
492     uint8_t* key_blob;
493     size_t key_blob_length;
494 
495     ASSERT_EQ(-1,
496             sDevice->generate_keypair(sDevice, key_type, NULL, &key_blob, &key_blob_length))
497             << "Should not be able to generate a key with null params";
498 }
499 
500 INSTANTIATE_TEST_CASE_P(Types,
501                         KeymasterAllTypesTest,
502                         ::testing::Values(TYPE_RSA, TYPE_DSA, TYPE_EC));
503 
TEST_F(KeymasterTest,GenerateKeyPair_UnknownType_Failure)504 TEST_F(KeymasterTest, GenerateKeyPair_UnknownType_Failure) {
505     keymaster_keypair_t key_type = static_cast<keymaster_keypair_t>(0xFFFF);
506 
507     uint8_t* key_blob;
508     size_t key_blob_length;
509 
510     ASSERT_EQ(-1,
511             sDevice->generate_keypair(sDevice, key_type, NULL, &key_blob, &key_blob_length))
512             << "Should not generate an unknown key type";
513 }
514 
TEST_F(KeymasterTest,ImportKeyPair_RSA_Success)515 TEST_F(KeymasterTest, ImportKeyPair_RSA_Success) {
516     uint8_t* key_blob;
517     size_t key_blob_length;
518 
519     ASSERT_EQ(0,
520             sDevice->import_keypair(sDevice, TEST_RSA_KEY_1, sizeof(TEST_RSA_KEY_1),
521                     &key_blob, &key_blob_length))
522             << "Should successfully import an RSA key";
523     UniqueKey key(&sDevice, key_blob, key_blob_length);
524 
525     uint8_t* x509_data;
526     size_t x509_data_length;
527     ASSERT_EQ(0,
528             sDevice->get_keypair_public(sDevice, key_blob, key_blob_length,
529                     &x509_data, &x509_data_length))
530             << "Should be able to retrieve RSA public key successfully";
531     UniqueBlob x509_blob(x509_data, x509_data_length);
532 
533     const unsigned char *tmp = static_cast<const unsigned char*>(x509_blob.get());
534     Unique_EVP_PKEY actual(d2i_PUBKEY((EVP_PKEY**) NULL, &tmp,
535             static_cast<long>(x509_blob.length())));
536 
537     ASSERT_EQ(EVP_PKEY_type(actual.get()->type), EVP_PKEY_RSA)
538             << "Generated key type should be of type RSA";
539 
540     const unsigned char *expectedTmp = static_cast<const unsigned char*>(TEST_RSA_KEY_1);
541     Unique_PKCS8_PRIV_KEY_INFO expectedPkcs8(
542             d2i_PKCS8_PRIV_KEY_INFO((PKCS8_PRIV_KEY_INFO**) NULL, &expectedTmp,
543                     sizeof(TEST_RSA_KEY_1)));
544 
545     Unique_EVP_PKEY expected(EVP_PKCS82PKEY(expectedPkcs8.get()));
546 
547     ASSERT_EQ(1, EVP_PKEY_cmp(expected.get(), actual.get()))
548             << "Expected and actual keys should match";
549 }
550 
TEST_F(KeymasterTest,ImportKeyPair_EC_Success)551 TEST_F(KeymasterTest, ImportKeyPair_EC_Success) {
552     uint8_t* key_blob;
553     size_t key_blob_length;
554 
555     ASSERT_EQ(0,
556             sDevice->import_keypair(sDevice, TEST_EC_KEY_1, sizeof(TEST_EC_KEY_1),
557                     &key_blob, &key_blob_length))
558             << "Should successfully import an EC key";
559     UniqueKey key(&sDevice, key_blob, key_blob_length);
560 
561     uint8_t* x509_data;
562     size_t x509_data_length;
563     ASSERT_EQ(0,
564             sDevice->get_keypair_public(sDevice, key_blob, key_blob_length,
565                     &x509_data, &x509_data_length))
566             << "Should be able to retrieve EC public key successfully";
567     UniqueBlob x509_blob(x509_data, x509_data_length);
568 
569     const unsigned char *tmp = static_cast<const unsigned char*>(x509_blob.get());
570     Unique_EVP_PKEY actual(d2i_PUBKEY((EVP_PKEY**) NULL, &tmp,
571             static_cast<long>(x509_blob.length())));
572 
573     ASSERT_EQ(EVP_PKEY_type(actual.get()->type), EVP_PKEY_EC)
574             << "Generated key type should be of type EC";
575 
576     const unsigned char *expectedTmp = static_cast<const unsigned char*>(TEST_EC_KEY_1);
577     Unique_PKCS8_PRIV_KEY_INFO expectedPkcs8(
578             d2i_PKCS8_PRIV_KEY_INFO((PKCS8_PRIV_KEY_INFO**) NULL, &expectedTmp,
579                     sizeof(TEST_EC_KEY_1)));
580 
581     Unique_EVP_PKEY expected(EVP_PKCS82PKEY(expectedPkcs8.get()));
582 
583     ASSERT_EQ(1, EVP_PKEY_cmp(expected.get(), actual.get()))
584             << "Expected and actual keys should match";
585 }
586 
TEST_F(KeymasterTest,ImportKeyPair_BogusKey_Failure)587 TEST_F(KeymasterTest, ImportKeyPair_BogusKey_Failure) {
588     uint8_t* key_blob;
589     size_t key_blob_length;
590 
591     ASSERT_EQ(-1,
592             sDevice->import_keypair(sDevice, BOGUS_KEY_1, sizeof(BOGUS_KEY_1),
593                     &key_blob, &key_blob_length))
594             << "Should not import an unknown key type";
595 }
596 
TEST_F(KeymasterTest,ImportKeyPair_NullKey_Failure)597 TEST_F(KeymasterTest, ImportKeyPair_NullKey_Failure) {
598     uint8_t* key_blob;
599     size_t key_blob_length;
600 
601     ASSERT_EQ(-1,
602             sDevice->import_keypair(sDevice, NULL, 0,
603                     &key_blob, &key_blob_length))
604             << "Should not import a null key";
605 }
606 
TEST_F(KeymasterTest,GetKeypairPublic_RSA_Success)607 TEST_F(KeymasterTest, GetKeypairPublic_RSA_Success) {
608     uint8_t* key_blob;
609     size_t key_blob_length;
610 
611     UniqueReadOnlyBlob testKey(TEST_RSA_KEY_1, sizeof(TEST_RSA_KEY_1));
612     ASSERT_TRUE(testKey.get() != NULL);
613 
614     ASSERT_EQ(0,
615             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
616                     &key_blob, &key_blob_length))
617             << "Should successfully import an RSA key";
618     UniqueKey key(&sDevice, key_blob, key_blob_length);
619 
620     uint8_t* x509_data;
621     size_t x509_data_length;
622     ASSERT_EQ(0,
623             sDevice->get_keypair_public(sDevice, key_blob, key_blob_length,
624                     &x509_data, &x509_data_length))
625             << "Should be able to retrieve RSA public key successfully";
626     UniqueBlob x509_blob(x509_data, x509_data_length);
627 }
628 
TEST_F(KeymasterTest,GetKeypairPublic_EC_Success)629 TEST_F(KeymasterTest, GetKeypairPublic_EC_Success) {
630     uint8_t* key_blob;
631     size_t key_blob_length;
632 
633     UniqueReadOnlyBlob testKey(TEST_EC_KEY_1, sizeof(TEST_EC_KEY_1));
634     ASSERT_TRUE(testKey.get() != NULL);
635 
636     ASSERT_EQ(0,
637             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
638                     &key_blob, &key_blob_length))
639             << "Should successfully import an EC key";
640     UniqueKey key(&sDevice, key_blob, key_blob_length);
641 
642     uint8_t* x509_data;
643     size_t x509_data_length;
644     ASSERT_EQ(0,
645             sDevice->get_keypair_public(sDevice, key_blob, key_blob_length,
646                     &x509_data, &x509_data_length))
647             << "Should be able to retrieve EC public key successfully";
648     UniqueBlob x509_blob(x509_data, x509_data_length);
649 }
650 
TEST_F(KeymasterTest,GetKeypairPublic_NullKey_Failure)651 TEST_F(KeymasterTest, GetKeypairPublic_NullKey_Failure) {
652     uint8_t* x509_data = NULL;
653     size_t x509_data_length;
654     ASSERT_EQ(-1,
655             sDevice->get_keypair_public(sDevice, NULL, 0,
656                     &x509_data, &x509_data_length))
657             << "Should not be able to retrieve public key from null key";
658     UniqueBlob x509_blob(x509_data, x509_data_length);
659 }
660 
TEST_F(KeymasterTest,GetKeypairPublic_RSA_NullDestination_Failure)661 TEST_F(KeymasterTest, GetKeypairPublic_RSA_NullDestination_Failure) {
662     uint8_t* key_blob;
663     size_t key_blob_length;
664 
665     UniqueReadOnlyBlob testKey(TEST_RSA_KEY_1, sizeof(TEST_RSA_KEY_1));
666     ASSERT_TRUE(testKey.get() != NULL);
667 
668     ASSERT_EQ(0,
669             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
670                     &key_blob, &key_blob_length))
671             << "Should successfully import an RSA key";
672     UniqueKey key(&sDevice, key_blob, key_blob_length);
673 
674     ASSERT_EQ(-1,
675             sDevice->get_keypair_public(sDevice, key.get(), key.length(),
676                     NULL, NULL))
677             << "Should not be able to succeed with NULL destination blob";
678 }
679 
TEST_F(KeymasterTest,GetKeypairPublic_EC_NullDestination_Failure)680 TEST_F(KeymasterTest, GetKeypairPublic_EC_NullDestination_Failure) {
681     uint8_t* key_blob;
682     size_t key_blob_length;
683 
684     UniqueReadOnlyBlob testKey(TEST_EC_KEY_1, sizeof(TEST_EC_KEY_1));
685     ASSERT_TRUE(testKey.get() != NULL);
686 
687     ASSERT_EQ(0,
688             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
689                     &key_blob, &key_blob_length))
690             << "Should successfully import an RSA key";
691     UniqueKey key(&sDevice, key_blob, key_blob_length);
692 
693     ASSERT_EQ(-1,
694             sDevice->get_keypair_public(sDevice, key.get(), key.length(),
695                     NULL, NULL))
696             << "Should not be able to succeed with NULL destination blob";
697 }
698 
TEST_F(KeymasterTest,DeleteKeyPair_RSA_Success)699 TEST_F(KeymasterTest, DeleteKeyPair_RSA_Success) {
700     uint8_t* key_blob;
701     size_t key_blob_length;
702 
703     UniqueReadOnlyBlob testKey(TEST_RSA_KEY_1, sizeof(TEST_RSA_KEY_1));
704     ASSERT_TRUE(testKey.get() != NULL);
705 
706     ASSERT_EQ(0,
707             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
708                     &key_blob, &key_blob_length))
709             << "Should successfully import an RSA key";
710     UniqueKey key(&sDevice, key_blob, key_blob_length);
711 }
712 
TEST_F(KeymasterTest,DeleteKeyPair_RSA_DoubleDelete_Failure)713 TEST_F(KeymasterTest, DeleteKeyPair_RSA_DoubleDelete_Failure) {
714     uint8_t* key_blob;
715     size_t key_blob_length;
716 
717     UniqueReadOnlyBlob testKey(TEST_RSA_KEY_1, sizeof(TEST_RSA_KEY_1));
718     ASSERT_TRUE(testKey.get() != NULL);
719 
720     /*
721      * This is only run if the module indicates it implements key deletion
722      * by implementing delete_keypair.
723      */
724     if (sDevice->delete_keypair != NULL) {
725         ASSERT_EQ(0,
726                 sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
727                         &key_blob, &key_blob_length))
728                 << "Should successfully import an RSA key";
729         UniqueBlob blob(key_blob, key_blob_length);
730 
731         ASSERT_EQ(0, sDevice->delete_keypair(sDevice, key_blob, key_blob_length))
732                 << "Should delete key after import";
733 
734         ASSERT_EQ(-1, sDevice->delete_keypair(sDevice, key_blob, key_blob_length))
735                 << "Should not be able to delete key twice";
736     }
737 }
738 
TEST_F(KeymasterTest,DeleteKeyPair_RSA_NullKey_Failure)739 TEST_F(KeymasterTest, DeleteKeyPair_RSA_NullKey_Failure) {
740     /*
741      * This is only run if the module indicates it implements key deletion
742      * by implementing delete_keypair.
743      */
744     if (sDevice->delete_keypair != NULL) {
745         ASSERT_EQ(-1, sDevice->delete_keypair(sDevice, NULL, 0))
746                 << "Should not be able to delete null key";
747     }
748 }
749 
750 /*
751  * DER-encoded PKCS#8 format RSA key. Generated using:
752  *
753  * openssl genrsa 512 | openssl pkcs8 -topk8 -nocrypt -outform der | recode ../x1
754  */
755 static uint8_t TEST_SIGN_RSA_KEY_1[] = {
756         0x30, 0x82, 0x01, 0x56, 0x02, 0x01, 0x00, 0x30, 0x0D, 0x06, 0x09, 0x2A,
757         0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
758         0x01, 0x40, 0x30, 0x82, 0x01, 0x3C, 0x02, 0x01, 0x00, 0x02, 0x41, 0x00,
759         0xBD, 0xC0, 0x7F, 0xEF, 0x75, 0x1D, 0x63, 0x2A, 0xD0, 0x9A, 0x26, 0xE5,
760         0x5B, 0xB9, 0x84, 0x7C, 0xE5, 0xC7, 0xE7, 0xDE, 0xFE, 0xB6, 0x54, 0xD9,
761         0xF0, 0x9B, 0xC2, 0xCF, 0x36, 0xDA, 0xE5, 0x4D, 0xC5, 0xD9, 0x25, 0x78,
762         0xBD, 0x55, 0x05, 0xBD, 0x86, 0xFB, 0x37, 0x15, 0x33, 0x42, 0x52, 0xED,
763         0xE5, 0xCD, 0xCB, 0xB7, 0xA2, 0x51, 0xFA, 0x36, 0xE9, 0x9C, 0x2E, 0x5D,
764         0xE3, 0xA5, 0x1F, 0x01, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x41, 0x00,
765         0x96, 0x71, 0xDE, 0xBD, 0x83, 0x94, 0x96, 0x40, 0xA6, 0xFD, 0xE1, 0xA2,
766         0xED, 0xD3, 0xAC, 0x28, 0xBE, 0xA2, 0x7D, 0xC3, 0xFF, 0x1D, 0x9F, 0x2E,
767         0xE0, 0xA7, 0x0E, 0x90, 0xEE, 0x44, 0x25, 0x92, 0xE3, 0x54, 0xDD, 0x55,
768         0xA3, 0xEF, 0x42, 0xF5, 0x52, 0x55, 0x41, 0x47, 0x5E, 0x00, 0xFB, 0x8B,
769         0x47, 0x5E, 0x45, 0x49, 0xEA, 0x3D, 0x2C, 0xFD, 0x9F, 0xEC, 0xC8, 0x4E,
770         0x4E, 0x86, 0x90, 0x31, 0x02, 0x21, 0x00, 0xE6, 0xA5, 0x55, 0xB3, 0x64,
771         0xAB, 0x90, 0x5E, 0xA2, 0xF5, 0x6B, 0x21, 0x4B, 0x15, 0xD6, 0x4A, 0xB6,
772         0x60, 0x24, 0x95, 0x65, 0xA2, 0xBE, 0xBA, 0x2A, 0x73, 0xFB, 0xFF, 0x2C,
773         0x61, 0x88, 0x9D, 0x02, 0x21, 0x00, 0xD2, 0x9C, 0x5B, 0xFE, 0x82, 0xA5,
774         0xFC, 0x52, 0x6A, 0x29, 0x38, 0xDB, 0x22, 0x3B, 0xEB, 0x74, 0x3B, 0xCA,
775         0xB4, 0xDD, 0x1D, 0xE4, 0x48, 0x60, 0x70, 0x19, 0x9B, 0x81, 0xC1, 0x83,
776         0x28, 0xB5, 0x02, 0x21, 0x00, 0x89, 0x2D, 0xFE, 0xF9, 0xF2, 0xBF, 0x43,
777         0xDF, 0xB5, 0xA6, 0xA8, 0x30, 0x26, 0x1B, 0x77, 0xD7, 0xF9, 0xFE, 0xD6,
778         0xE3, 0x70, 0x8E, 0xCA, 0x47, 0xA9, 0xA6, 0x50, 0x54, 0x25, 0xCE, 0x60,
779         0xD5, 0x02, 0x21, 0x00, 0xBE, 0x5A, 0xF8, 0x82, 0xE6, 0xCE, 0xE3, 0x6A,
780         0x11, 0xED, 0xC4, 0x27, 0xBB, 0x9F, 0x70, 0xC6, 0x93, 0xAC, 0x39, 0x20,
781         0x89, 0x7D, 0xE5, 0x34, 0xD4, 0xDD, 0x30, 0x42, 0x6D, 0x07, 0x00, 0xE9,
782         0x02, 0x20, 0x05, 0x91, 0xEF, 0x12, 0xD2, 0xD3, 0x6A, 0xD2, 0x96, 0x6B,
783         0x10, 0x62, 0xF9, 0xBA, 0xA4, 0x91, 0x48, 0x84, 0x40, 0x61, 0x67, 0x80,
784         0x68, 0x68, 0xC8, 0x60, 0xB3, 0x66, 0xC8, 0xF9, 0x08, 0x9A,
785 };
786 
787 /*
788  * DER-encoded PKCS#8 format EC key. Generated using:
789  *
790  * openssl ecparam -name prime256v1 -genkey -noout | openssl pkcs8 -topk8 -nocrypt -outform der | recode ../x1
791  */
792 static uint8_t TEST_SIGN_EC_KEY_1[] = {
793         0x30, 0x81, 0x87, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86,
794         0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D,
795         0x03, 0x01, 0x07, 0x04, 0x6D, 0x30, 0x6B, 0x02, 0x01, 0x01, 0x04, 0x20,
796         0x9E, 0x66, 0x11, 0x6A, 0x89, 0xF5, 0x78, 0x57, 0xF3, 0x35, 0xA2, 0x46,
797         0x09, 0x06, 0x4B, 0x4D, 0x81, 0xEC, 0xD3, 0x9B, 0x0A, 0xC4, 0x68, 0x06,
798         0xB8, 0x42, 0x24, 0x5E, 0x74, 0x2C, 0x62, 0x79, 0xA1, 0x44, 0x03, 0x42,
799         0x00, 0x04, 0x35, 0xB5, 0x9A, 0x5C, 0xE5, 0x52, 0x35, 0xF2, 0x10, 0x6C,
800         0xD9, 0x98, 0x67, 0xED, 0x5E, 0xCB, 0x6B, 0xB8, 0x96, 0x5E, 0x54, 0x7C,
801         0x34, 0x2A, 0xA3, 0x3B, 0xF3, 0xD1, 0x39, 0x48, 0x36, 0x7A, 0xEA, 0xD8,
802         0xCA, 0xDD, 0x40, 0x8F, 0xE9, 0xE0, 0x95, 0x2E, 0x3F, 0x95, 0x0F, 0x14,
803         0xD6, 0x14, 0x78, 0xB5, 0xAD, 0x17, 0xD2, 0x5A, 0x41, 0x96, 0x99, 0x20,
804         0xC7, 0x5B, 0x0F, 0x60, 0xFD, 0xBA
805 };
806 
807 /*
808  * PKCS#1 v1.5 padded raw "Hello, world"  Can be generated be generated by verifying
809  * the signature below in no padding mode:
810  *
811  * openssl rsautl -keyform der -inkey rsa.der -raw -verify -in test.sig
812  */
813 static uint8_t TEST_SIGN_DATA_1[] = {
814         0x00, 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
815         0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
816         0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
817         0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
818         0xFF, 0xFF, 0xFF, 0x00, 0x48, 0x65, 0x6C, 0x6C, 0x6F, 0x2C, 0x20, 0x77,
819         0x6F, 0x72, 0x6C, 0x64,
820 };
821 
822 /*
823  * Signature of TEST_SIGN_DATA_1 using TEST_SIGN_RSA_KEY_1. Generated using:
824  *
825  * echo 'Hello, world' | openssl rsautl -keyform der -inkey rsa.der -sign | recode ../x1
826  */
827 static uint8_t TEST_SIGN_RSA_SIGNATURE_1[] = {
828         0xA4, 0xBB, 0x76, 0x87, 0xFE, 0x61, 0x0C, 0x9D, 0xD6, 0xFF, 0x4B, 0x76,
829         0x96, 0x08, 0x36, 0x23, 0x11, 0xC6, 0x44, 0x3F, 0x88, 0x77, 0x97, 0xB2,
830         0xA8, 0x3B, 0xFB, 0x9C, 0x3C, 0xD3, 0x20, 0x65, 0xFD, 0x26, 0x3B, 0x2A,
831         0xB8, 0xB6, 0xD4, 0xDC, 0x91, 0xF7, 0xE2, 0xDE, 0x4D, 0xF7, 0x0E, 0xB9,
832         0x72, 0xA7, 0x29, 0x72, 0x82, 0x12, 0x7C, 0x53, 0x23, 0x21, 0xC4, 0xFF,
833         0x79, 0xE4, 0x91, 0x40,
834 };
835 
836 /*
837  * Identical to TEST_SIGN_RSA_SIGNATURE_1 except the last octet is '1' instead of '0'
838  * This should fail any test.
839  */
840 static uint8_t TEST_SIGN_SIGNATURE_BOGUS_1[] = {
841         0xA4, 0xBB, 0x76, 0x87, 0xFE, 0x61, 0x0C, 0x9D, 0xD6, 0xFF, 0x4B, 0x76,
842         0x96, 0x08, 0x36, 0x23, 0x11, 0xC6, 0x44, 0x3F, 0x88, 0x77, 0x97, 0xB2,
843         0xA8, 0x3B, 0xFB, 0x9C, 0x3C, 0xD3, 0x20, 0x65, 0xFD, 0x26, 0x3B, 0x2A,
844         0xB8, 0xB6, 0xD4, 0xDC, 0x91, 0xF7, 0xE2, 0xDE, 0x4D, 0xF7, 0x0E, 0xB9,
845         0x72, 0xA7, 0x29, 0x72, 0x82, 0x12, 0x7C, 0x53, 0x23, 0x21, 0xC4, 0xFF,
846         0x79, 0xE4, 0x91, 0x41,
847 };
848 
TEST_F(KeymasterTest,SignData_RSA_Raw_Success)849 TEST_F(KeymasterTest, SignData_RSA_Raw_Success) {
850     uint8_t* key_blob;
851     size_t key_blob_length;
852 
853     UniqueReadOnlyBlob testKey(TEST_SIGN_RSA_KEY_1, sizeof(TEST_SIGN_RSA_KEY_1));
854     ASSERT_TRUE(testKey.get() != NULL);
855 
856     ASSERT_EQ(0,
857             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
858                     &key_blob, &key_blob_length))
859             << "Should successfully import an RSA key";
860     UniqueKey key(&sDevice, key_blob, key_blob_length);
861 
862     keymaster_rsa_sign_params_t params = {
863             .digest_type = DIGEST_NONE,
864             .padding_type = PADDING_NONE,
865     };
866 
867     uint8_t* sig;
868     size_t sig_length;
869 
870     UniqueReadOnlyBlob testData(TEST_SIGN_DATA_1, sizeof(TEST_SIGN_DATA_1));
871     ASSERT_TRUE(testData.get() != NULL);
872 
873     ASSERT_EQ(0,
874             sDevice->sign_data(sDevice, &params, key_blob, key_blob_length,
875                     testData.get(), testData.length(),
876                     &sig, &sig_length))
877             << "Should sign data successfully";
878     UniqueBlob sig_blob(sig, sig_length);
879 
880     UniqueBlob expected_sig(TEST_SIGN_RSA_SIGNATURE_1, sizeof(TEST_SIGN_RSA_SIGNATURE_1));
881 
882     ASSERT_EQ(expected_sig, sig_blob)
883             << "Generated signature should match expected signature";
884 
885     // The expected signature is actually stack data, so don't let it try to free.
886     uint8_t* unused __attribute__((unused)) = expected_sig.release();
887 }
888 
TEST_F(KeymasterTest,SignData_EC_Success)889 TEST_F(KeymasterTest, SignData_EC_Success) {
890     uint8_t* key_blob;
891     size_t key_blob_length;
892 
893     UniqueReadOnlyBlob testKey(TEST_SIGN_EC_KEY_1, sizeof(TEST_SIGN_EC_KEY_1));
894     ASSERT_TRUE(testKey.get() != NULL);
895 
896     ASSERT_EQ(0,
897             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
898                     &key_blob, &key_blob_length))
899             << "Should successfully import an EC key";
900     UniqueKey key(&sDevice, key_blob, key_blob_length);
901 
902     keymaster_ec_sign_params_t params = {
903             .digest_type = DIGEST_NONE,
904     };
905 
906     uint8_t* sig;
907     size_t sig_length;
908 
909     UniqueReadOnlyBlob testData(TEST_SIGN_DATA_1, sizeof(TEST_SIGN_DATA_1));
910     ASSERT_TRUE(testData.get() != NULL);
911 
912     ASSERT_EQ(0,
913             sDevice->sign_data(sDevice, &params, key_blob, key_blob_length,
914                     testData.get(), testData.length(),
915                     &sig, &sig_length))
916             << "Should sign data successfully";
917     UniqueBlob sig_blob(sig, sig_length);
918 
919     uint8_t* x509_data;
920     size_t x509_data_length;
921     ASSERT_EQ(0,
922             sDevice->get_keypair_public(sDevice, key_blob, key_blob_length,
923                     &x509_data, &x509_data_length))
924             << "Should be able to retrieve RSA public key successfully";
925     UniqueBlob x509_blob(x509_data, x509_data_length);
926 
927     const unsigned char *tmp = static_cast<const unsigned char*>(x509_blob.get());
928     Unique_EVP_PKEY expected(d2i_PUBKEY((EVP_PKEY**) NULL, &tmp,
929             static_cast<long>(x509_blob.length())));
930 
931     Unique_EC_KEY ecKey(EVP_PKEY_get1_EC_KEY(expected.get()));
932 
933     ASSERT_EQ(1, ECDSA_verify(0, testData.get(), testData.length(), sig_blob.get(), sig_blob.length(), ecKey.get()))
934             << "Signature should verify";
935 }
936 
TEST_F(KeymasterTest,SignData_RSA_Raw_InvalidSizeInput_Failure)937 TEST_F(KeymasterTest, SignData_RSA_Raw_InvalidSizeInput_Failure) {
938     uint8_t* key_blob;
939     size_t key_blob_length;
940 
941     UniqueReadOnlyBlob testKey(TEST_SIGN_RSA_KEY_1, sizeof(TEST_SIGN_RSA_KEY_1));
942     ASSERT_TRUE(testKey.get() != NULL);
943 
944     ASSERT_EQ(0,
945             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
946                     &key_blob, &key_blob_length))
947             << "Should successfully import an RSA key";
948     UniqueKey key(&sDevice, key_blob, key_blob_length);
949 
950     keymaster_rsa_sign_params_t params = {
951             .digest_type = DIGEST_NONE,
952             .padding_type = PADDING_NONE,
953     };
954 
955     uint8_t* sig;
956     size_t sig_length;
957 
958     UniqueReadOnlyBlob testData(TEST_RSA_KEY_1, sizeof(TEST_RSA_KEY_1));
959     ASSERT_TRUE(testData.get() != NULL);
960 
961     ASSERT_EQ(-1,
962             sDevice->sign_data(sDevice, &params, key_blob, key_blob_length,
963                     testData.get(), testData.length(),
964                     &sig, &sig_length))
965             << "Should not be able to do raw signature on incorrect size data";
966 }
967 
TEST_F(KeymasterTest,SignData_RSA_Raw_NullKey_Failure)968 TEST_F(KeymasterTest, SignData_RSA_Raw_NullKey_Failure) {
969     keymaster_rsa_sign_params_t params = {
970             .digest_type = DIGEST_NONE,
971             .padding_type = PADDING_NONE,
972     };
973 
974     uint8_t* sig;
975     size_t sig_length;
976 
977     UniqueReadOnlyBlob testData(TEST_RSA_KEY_1, sizeof(TEST_RSA_KEY_1));
978     ASSERT_TRUE(testData.get() != NULL);
979 
980     ASSERT_EQ(-1,
981             sDevice->sign_data(sDevice, &params, NULL, 0,
982                     testData.get(), testData.length(),
983                     &sig, &sig_length))
984             << "Should not be able to do raw signature on incorrect size data";
985 }
986 
TEST_F(KeymasterTest,SignData_RSA_Raw_NullInput_Failure)987 TEST_F(KeymasterTest, SignData_RSA_Raw_NullInput_Failure) {
988     uint8_t* key_blob;
989     size_t key_blob_length;
990 
991     UniqueReadOnlyBlob testKey(TEST_SIGN_RSA_KEY_1, sizeof(TEST_SIGN_RSA_KEY_1));
992     ASSERT_TRUE(testKey.get() != NULL);
993 
994     ASSERT_EQ(0,
995             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
996                     &key_blob, &key_blob_length))
997             << "Should successfully import an RSA key";
998     UniqueKey key(&sDevice, key_blob, key_blob_length);
999 
1000     keymaster_rsa_sign_params_t params = {
1001             .digest_type = DIGEST_NONE,
1002             .padding_type = PADDING_NONE,
1003     };
1004 
1005     uint8_t* sig;
1006     size_t sig_length;
1007 
1008     ASSERT_EQ(-1,
1009             sDevice->sign_data(sDevice, &params, key_blob, key_blob_length,
1010                     NULL, 0,
1011                     &sig, &sig_length))
1012             << "Should error when input data is null";
1013 }
1014 
TEST_F(KeymasterTest,SignData_RSA_Raw_NullOutput_Failure)1015 TEST_F(KeymasterTest, SignData_RSA_Raw_NullOutput_Failure) {
1016     uint8_t* key_blob;
1017     size_t key_blob_length;
1018 
1019     UniqueReadOnlyBlob testKey(TEST_SIGN_RSA_KEY_1, sizeof(TEST_SIGN_RSA_KEY_1));
1020     ASSERT_TRUE(testKey.get() != NULL);
1021 
1022     ASSERT_EQ(0,
1023             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
1024                     &key_blob, &key_blob_length))
1025             << "Should successfully import an RSA key";
1026     UniqueKey key(&sDevice, key_blob, key_blob_length);
1027 
1028     keymaster_rsa_sign_params_t params = {
1029             .digest_type = DIGEST_NONE,
1030             .padding_type = PADDING_NONE,
1031     };
1032 
1033     UniqueReadOnlyBlob testData(TEST_RSA_KEY_1, sizeof(TEST_RSA_KEY_1));
1034     ASSERT_TRUE(testData.get() != NULL);
1035 
1036     ASSERT_EQ(-1,
1037             sDevice->sign_data(sDevice, &params, key_blob, key_blob_length,
1038                     testData.get(), testData.length(),
1039                     NULL, NULL))
1040             << "Should error when output is null";
1041 }
1042 
TEST_F(KeymasterTest,VerifyData_RSA_Raw_Success)1043 TEST_F(KeymasterTest, VerifyData_RSA_Raw_Success) {
1044     uint8_t* key_blob;
1045     size_t key_blob_length;
1046 
1047     UniqueReadOnlyBlob testKey(TEST_SIGN_RSA_KEY_1, sizeof(TEST_SIGN_RSA_KEY_1));
1048     ASSERT_TRUE(testKey.get() != NULL);
1049 
1050     ASSERT_EQ(0,
1051             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
1052                     &key_blob, &key_blob_length))
1053             << "Should successfully import an RSA key";
1054     UniqueKey key(&sDevice, key_blob, key_blob_length);
1055 
1056     keymaster_rsa_sign_params_t params = {
1057             .digest_type = DIGEST_NONE,
1058             .padding_type = PADDING_NONE,
1059     };
1060 
1061     UniqueReadOnlyBlob testData(TEST_SIGN_DATA_1, sizeof(TEST_SIGN_DATA_1));
1062     ASSERT_TRUE(testData.get() != NULL);
1063 
1064     UniqueReadOnlyBlob testSig(TEST_SIGN_RSA_SIGNATURE_1, sizeof(TEST_SIGN_RSA_SIGNATURE_1));
1065     ASSERT_TRUE(testSig.get() != NULL);
1066 
1067     ASSERT_EQ(0,
1068             sDevice->verify_data(sDevice, &params, key_blob, key_blob_length,
1069                     testData.get(), testData.length(),
1070                     testSig.get(), testSig.length()))
1071             << "Should verify data successfully";
1072 }
1073 
TEST_F(KeymasterTest,VerifyData_EC_Raw_Success)1074 TEST_F(KeymasterTest, VerifyData_EC_Raw_Success) {
1075     uint8_t* key_blob;
1076     size_t key_blob_length;
1077 
1078     UniqueReadOnlyBlob testKey(TEST_SIGN_EC_KEY_1, sizeof(TEST_SIGN_EC_KEY_1));
1079     ASSERT_TRUE(testKey.get() != NULL);
1080 
1081     ASSERT_EQ(0,
1082             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
1083                     &key_blob, &key_blob_length))
1084             << "Should successfully import an RSA key";
1085     UniqueKey key(&sDevice, key_blob, key_blob_length);
1086 
1087     keymaster_ec_sign_params_t params = {
1088             .digest_type = DIGEST_NONE,
1089     };
1090 
1091     uint8_t* sig;
1092     size_t sig_length;
1093 
1094     UniqueReadOnlyBlob testData(TEST_SIGN_DATA_1, sizeof(TEST_SIGN_DATA_1));
1095     ASSERT_TRUE(testData.get() != NULL);
1096 
1097     ASSERT_EQ(0,
1098             sDevice->sign_data(sDevice, &params, key_blob, key_blob_length,
1099                     testData.get(), testData.length(),
1100                     &sig, &sig_length))
1101             << "Should sign data successfully";
1102     UniqueBlob sig_blob(sig, sig_length);
1103 
1104     ASSERT_EQ(0,
1105             sDevice->verify_data(sDevice, &params, key_blob, key_blob_length,
1106                     testData.get(), testData.length(),
1107                     sig_blob.get(), sig_blob.length()))
1108             << "Should verify data successfully";
1109 }
1110 
TEST_F(KeymasterTest,VerifyData_RSA_Raw_BadSignature_Failure)1111 TEST_F(KeymasterTest, VerifyData_RSA_Raw_BadSignature_Failure) {
1112     uint8_t* key_blob;
1113     size_t key_blob_length;
1114 
1115     UniqueReadOnlyBlob testKey(TEST_SIGN_RSA_KEY_1, sizeof(TEST_SIGN_RSA_KEY_1));
1116     ASSERT_TRUE(testKey.get() != NULL);
1117 
1118     ASSERT_EQ(0,
1119             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
1120                     &key_blob, &key_blob_length))
1121             << "Should successfully import an RSA key";
1122     UniqueKey key(&sDevice, key_blob, key_blob_length);
1123 
1124     keymaster_rsa_sign_params_t params = {
1125             .digest_type = DIGEST_NONE,
1126             .padding_type = PADDING_NONE,
1127     };
1128 
1129     ASSERT_EQ(-1,
1130             sDevice->verify_data(sDevice, &params, key_blob, key_blob_length,
1131                     TEST_SIGN_DATA_1, sizeof(TEST_SIGN_DATA_1),
1132                     TEST_SIGN_SIGNATURE_BOGUS_1, sizeof(TEST_SIGN_SIGNATURE_BOGUS_1)))
1133             << "Should sign data successfully";
1134 }
1135 
TEST_F(KeymasterTest,VerifyData_EC_Raw_BadSignature_Failure)1136 TEST_F(KeymasterTest, VerifyData_EC_Raw_BadSignature_Failure) {
1137     uint8_t* key_blob;
1138     size_t key_blob_length;
1139 
1140     UniqueReadOnlyBlob testKey(TEST_SIGN_EC_KEY_1, sizeof(TEST_SIGN_EC_KEY_1));
1141     ASSERT_TRUE(testKey.get() != NULL);
1142 
1143     ASSERT_EQ(0,
1144             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
1145                     &key_blob, &key_blob_length))
1146             << "Should successfully import an RSA key";
1147     UniqueKey key(&sDevice, key_blob, key_blob_length);
1148 
1149     keymaster_ec_sign_params_t params = {
1150             .digest_type = DIGEST_NONE,
1151     };
1152 
1153     ASSERT_EQ(-1,
1154             sDevice->verify_data(sDevice, &params, key_blob, key_blob_length,
1155                     TEST_SIGN_DATA_1, sizeof(TEST_SIGN_DATA_1),
1156                     TEST_SIGN_SIGNATURE_BOGUS_1, sizeof(TEST_SIGN_SIGNATURE_BOGUS_1)))
1157             << "Should sign data successfully";
1158 }
1159 
TEST_F(KeymasterTest,VerifyData_RSA_Raw_NullKey_Failure)1160 TEST_F(KeymasterTest, VerifyData_RSA_Raw_NullKey_Failure) {
1161     keymaster_rsa_sign_params_t params = {
1162             .digest_type = DIGEST_NONE,
1163             .padding_type = PADDING_NONE,
1164     };
1165 
1166     UniqueReadOnlyBlob testData(TEST_SIGN_DATA_1, sizeof(TEST_SIGN_DATA_1));
1167     ASSERT_TRUE(testData.get() != NULL);
1168 
1169     UniqueReadOnlyBlob testSig(TEST_SIGN_SIGNATURE_BOGUS_1, sizeof(TEST_SIGN_SIGNATURE_BOGUS_1));
1170     ASSERT_TRUE(testSig.get() != NULL);
1171 
1172     ASSERT_EQ(-1,
1173             sDevice->verify_data(sDevice, &params, NULL, 0,
1174                     testData.get(), testData.length(),
1175                     testSig.get(), testSig.length()))
1176             << "Should fail when key is null";
1177 }
1178 
TEST_F(KeymasterTest,VerifyData_RSA_NullInput_Failure)1179 TEST_F(KeymasterTest, VerifyData_RSA_NullInput_Failure) {
1180     uint8_t* key_blob;
1181     size_t key_blob_length;
1182 
1183     ASSERT_EQ(0,
1184             sDevice->import_keypair(sDevice, TEST_SIGN_RSA_KEY_1, sizeof(TEST_SIGN_RSA_KEY_1),
1185                     &key_blob, &key_blob_length))
1186             << "Should successfully import an RSA key";
1187     UniqueKey key(&sDevice, key_blob, key_blob_length);
1188 
1189     keymaster_rsa_sign_params_t params = {
1190             .digest_type = DIGEST_NONE,
1191             .padding_type = PADDING_NONE,
1192     };
1193 
1194     UniqueReadOnlyBlob testSig(TEST_SIGN_RSA_SIGNATURE_1, sizeof(TEST_SIGN_RSA_SIGNATURE_1));
1195     ASSERT_TRUE(testSig.get() != NULL);
1196 
1197     ASSERT_EQ(-1,
1198             sDevice->verify_data(sDevice, &params, key_blob, key_blob_length,
1199                     NULL, 0,
1200                     testSig.get(), testSig.length()))
1201             << "Should fail on null input";
1202 }
1203 
TEST_F(KeymasterTest,VerifyData_RSA_NullSignature_Failure)1204 TEST_F(KeymasterTest, VerifyData_RSA_NullSignature_Failure) {
1205     uint8_t* key_blob;
1206     size_t key_blob_length;
1207 
1208     UniqueReadOnlyBlob testKey(TEST_SIGN_RSA_KEY_1, sizeof(TEST_SIGN_RSA_KEY_1));
1209     ASSERT_TRUE(testKey.get() != NULL);
1210 
1211     ASSERT_EQ(0,
1212             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
1213                     &key_blob, &key_blob_length))
1214             << "Should successfully import an RSA key";
1215     UniqueKey key(&sDevice, key_blob, key_blob_length);
1216 
1217     keymaster_rsa_sign_params_t params = {
1218             .digest_type = DIGEST_NONE,
1219             .padding_type = PADDING_NONE,
1220     };
1221 
1222     UniqueReadOnlyBlob testData(TEST_SIGN_DATA_1, sizeof(TEST_SIGN_DATA_1));
1223     ASSERT_TRUE(testData.get() != NULL);
1224 
1225     ASSERT_EQ(-1,
1226             sDevice->verify_data(sDevice, &params, key.get(), key.length(),
1227                     testData.get(), testData.length(),
1228                     NULL, 0))
1229             << "Should fail on null signature";
1230 }
1231 
TEST_F(KeymasterTest,EraseAll_Success)1232 TEST_F(KeymasterTest, EraseAll_Success) {
1233     uint8_t *key1_blob, *key2_blob;
1234     size_t key1_blob_length, key2_blob_length;
1235 
1236     // Only test this if the device says it supports delete_all
1237     if (sDevice->delete_all == NULL) {
1238         return;
1239     }
1240 
1241     UniqueReadOnlyBlob testKey(TEST_SIGN_RSA_KEY_1, sizeof(TEST_SIGN_RSA_KEY_1));
1242     ASSERT_TRUE(testKey.get() != NULL);
1243 
1244     ASSERT_EQ(0,
1245             sDevice->import_keypair(sDevice, testKey.get(), testKey.length(),
1246                     &key1_blob, &key1_blob_length))
1247             << "Should successfully import an RSA key";
1248     UniqueKey key1(&sDevice, key1_blob, key1_blob_length);
1249 
1250     UniqueReadOnlyBlob testKey2(TEST_SIGN_RSA_KEY_1, sizeof(TEST_SIGN_RSA_KEY_1));
1251     ASSERT_TRUE(testKey2.get() != NULL);
1252 
1253     ASSERT_EQ(0,
1254             sDevice->import_keypair(sDevice, testKey2.get(), testKey2.length(),
1255                     &key2_blob, &key2_blob_length))
1256             << "Should successfully import an RSA key";
1257     UniqueKey key2(&sDevice, key2_blob, key2_blob_length);
1258 
1259     ASSERT_EQ(0, sDevice->delete_all(sDevice))
1260             << "Should erase all keys";
1261 
1262     key1.reset();
1263 
1264     uint8_t* x509_data;
1265     size_t x509_data_length;
1266     ASSERT_EQ(-1,
1267             sDevice->get_keypair_public(sDevice, key1_blob, key1_blob_length,
1268                     &x509_data, &x509_data_length))
1269             << "Should be able to retrieve RSA public key 1 successfully";
1270 
1271     ASSERT_EQ(-1,
1272             sDevice->get_keypair_public(sDevice, key2_blob, key2_blob_length,
1273                     &x509_data, &x509_data_length))
1274             << "Should be able to retrieve RSA public key 2 successfully";
1275 }
1276 
1277 }
1278