1 #include <memory>
2
3 #include "gtest/gtest.h"
4 #include "avb_tools.h"
5 #include "nugget_tools.h"
6 #include "nugget/app/avb/avb.pb.h"
7 #include "nugget/app/keymaster/keymaster.pb.h"
8 #include "Keymaster.client.h"
9 #include <application.h>
10 #include <keymaster.h>
11 #include <nos/AppClient.h>
12 #include <nos/NuggetClientInterface.h>
13 #include "util.h"
14
15 #include <openssl/bio.h>
16 #include <openssl/evp.h>
17 #include <openssl/pem.h>
18
19 using std::cout;
20 using std::string;
21 using std::unique_ptr;
22
23 using namespace nugget::app::avb;
24 using namespace nugget::app::keymaster;
25
26 namespace {
27
28 class KeymasterProvisionTest: public testing::Test {
29 protected:
30 static unique_ptr<nos::NuggetClientInterface> client;
31 static unique_ptr<test_harness::TestHarness> uart_printer;
32
33 static void SetUpTestCase();
34 static void TearDownTestCase();
35
36 virtual void SetUp(void);
37
38 virtual void PopulateDefaultRequest(ProvisionDeviceIdsRequest *request);
39 };
40
41 unique_ptr<nos::NuggetClientInterface> KeymasterProvisionTest::client;
42 unique_ptr<test_harness::TestHarness> KeymasterProvisionTest::uart_printer;
43
SetUpTestCase()44 void KeymasterProvisionTest::SetUpTestCase() {
45 uart_printer = test_harness::TestHarness::MakeUnique();
46
47 client = nugget_tools::MakeNuggetClient();
48 client->Open();
49 EXPECT_TRUE(client->IsOpen()) << "Unable to connect";
50 }
51
TearDownTestCase()52 void KeymasterProvisionTest::TearDownTestCase() {
53 client->Close();
54 client = unique_ptr<nos::NuggetClientInterface>();
55
56 uart_printer = nullptr;
57 }
58
SetUp(void)59 void KeymasterProvisionTest::SetUp(void) {
60 avb_tools::ResetProduction(client.get());
61 }
62
PopulateDefaultRequest(ProvisionDeviceIdsRequest * request)63 void KeymasterProvisionTest::PopulateDefaultRequest(
64 ProvisionDeviceIdsRequest *request) {
65 request->set_product_brand("Pixel");
66 request->set_product_device("3");
67 request->set_product_name("Pixel");
68 request->set_serialno("12345678");
69 request->set_product_manufacturer("Google");
70 request->set_product_model("3");
71 request->set_imei("12345678");
72 request->set_meid("12345678");
73 }
74
75 // Tests
76
TEST_F(KeymasterProvisionTest,ProvisionDeviceIdsSuccess)77 TEST_F(KeymasterProvisionTest, ProvisionDeviceIdsSuccess) {
78 ProvisionDeviceIdsRequest request;
79 ProvisionDeviceIdsResponse response;
80
81 PopulateDefaultRequest(&request);
82
83 Keymaster service(*client);
84 ASSERT_NO_ERROR(service.ProvisionDeviceIds(request, &response), "");
85 ASSERT_EQ((ErrorCode)response.error_code(), ErrorCode::OK);
86 }
87
TEST_F(KeymasterProvisionTest,ReProvisionDeviceIdsSuccess)88 TEST_F(KeymasterProvisionTest, ReProvisionDeviceIdsSuccess) {
89 ProvisionDeviceIdsRequest request;
90 ProvisionDeviceIdsResponse response;
91
92 PopulateDefaultRequest(&request);
93
94 Keymaster service(*client);
95
96 // First instance.
97 ASSERT_NO_ERROR(service.ProvisionDeviceIds(request, &response), "");
98 ASSERT_EQ((ErrorCode)response.error_code(), ErrorCode::OK);
99
100 // Second ...
101 ASSERT_NO_ERROR(service.ProvisionDeviceIds(request, &response), "");
102 ASSERT_EQ((ErrorCode)response.error_code(), ErrorCode::OK);
103 }
104
TEST_F(KeymasterProvisionTest,ProductionModeProvisionFails)105 TEST_F(KeymasterProvisionTest, ProductionModeProvisionFails) {
106 ProvisionDeviceIdsRequest request;
107 ProvisionDeviceIdsResponse response;
108
109 PopulateDefaultRequest(&request);
110
111 Keymaster service(*client);
112
113 // Set production bit.
114 avb_tools::SetProduction(client.get(), true, NULL, 0);
115
116 // Provisioning is now disallowed.
117 ASSERT_NO_ERROR(service.ProvisionDeviceIds(request, &response), "");
118 ASSERT_EQ((ErrorCode)response.error_code(),
119 ErrorCode::PRODUCTION_MODE_PROVISIONING);
120 }
121
TEST_F(KeymasterProvisionTest,InvalidDeviceIdFails)122 TEST_F(KeymasterProvisionTest, InvalidDeviceIdFails) {
123
124 ProvisionDeviceIdsRequest request;
125 ProvisionDeviceIdsResponse response;
126
127 PopulateDefaultRequest(&request);
128
129 string bad_serialno(KM_MNF_MAX_ENTRY_SIZE + 1, '5');
130 request.set_serialno(bad_serialno);
131
132 Keymaster service(*client);
133
134 ASSERT_NO_ERROR(service.ProvisionDeviceIds(request, &response), "");
135 ASSERT_EQ((ErrorCode)response.error_code(),
136 ErrorCode::INVALID_DEVICE_IDS);
137 }
138
TEST_F(KeymasterProvisionTest,MaxDeviceIdSuccess)139 TEST_F(KeymasterProvisionTest, MaxDeviceIdSuccess) {
140
141 ProvisionDeviceIdsRequest request;
142 ProvisionDeviceIdsResponse response;
143
144 PopulateDefaultRequest(&request);
145
146 string max_serialno(KM_MNF_MAX_ENTRY_SIZE, '5');
147 request.set_serialno(max_serialno);
148
149 Keymaster service(*client);
150
151 ASSERT_NO_ERROR(service.ProvisionDeviceIds(request, &response), "");
152 ASSERT_EQ((ErrorCode)response.error_code(), ErrorCode::OK);
153 }
154
155 // Regression test for b/77830050#comment6
TEST_F(KeymasterProvisionTest,NoMeidSuccess)156 TEST_F(KeymasterProvisionTest, NoMeidSuccess) {
157
158 ProvisionDeviceIdsRequest request;
159 ProvisionDeviceIdsResponse response;
160
161 PopulateDefaultRequest(&request);
162 request.clear_meid();
163
164 Keymaster service(*client);
165
166 ASSERT_NO_ERROR(service.ProvisionDeviceIds(request, &response), "");
167 ASSERT_EQ((ErrorCode)response.error_code(), ErrorCode::OK);
168 }
169
170 } // namespace
171