Gitiles
Code Review Sign In
gerrit.omnirom.org / android_hardware_interfaces / 55d453f10ec366a66bf1aa6bae3d6732f5de0609^1..55d453f10ec366a66bf1aa6bae3d6732f5de0609 / .
commit55d453f10ec366a66bf1aa6bae3d6732f5de0609[log] [tgz]
authorSeth Moore <sethmo@google.com>Wed Jun 30 20:57:28 2021 +0000
committerAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>Wed Jun 30 20:57:28 2021 +0000
tree63f05b724b8c425df558b34c3e121243f5ac8d37
parentbe53a67a77c5a2fc693cb8260dbccad5156270fd [diff]
parent42a2f6b6e26dac1b282d91e7726203f10f4b4249 [diff]
Add a unit test for remote_prov_utils am: 42a2f6b6e2

Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1748601

Change-Id: I885b63ac7aadd88351a3991576dc94562e13740d

diff --git a/security/keymint/support/Android.bp b/security/keymint/support/Android.bp
index 718133a..c2dba04 100644
--- a/security/keymint/support/Android.bp
+++ b/security/keymint/support/Android.bp

@@ -62,3 +62,19 @@
         "libcrypto",
     ],
 }
+
+cc_test {
+    name: "libkeymint_remote_prov_support_test",
+    srcs: ["remote_prov_utils_test.cpp"],
+    static_libs: [
+        "libgmock",
+        "libgtest_main",
+    ],
+    shared_libs: [
+        "libcppbor_external",
+        "libcppcose_rkp",
+        "libcrypto",
+        "libkeymaster_portable",
+        "libkeymint_remote_prov_support",
+    ],
+}

diff --git a/security/keymint/support/remote_prov_utils.cpp b/security/keymint/support/remote_prov_utils.cpp
index 33f1ed3..ac7cb62 100644
--- a/security/keymint/support/remote_prov_utils.cpp
+++ b/security/keymint/support/remote_prov_utils.cpp

@@ -31,6 +31,10 @@
 }
 
 ErrMsgOr<EekChain> generateEekChain(size_t length, const bytevec& eekId) {
+    if (length < 2) {
+        return "EEK chain must contain at least 2 certs.";
+    }
+
     auto eekChain = cppbor::Array();
 
     bytevec prev_priv_key;

diff --git a/security/keymint/support/remote_prov_utils_test.cpp b/security/keymint/support/remote_prov_utils_test.cpp
new file mode 100644
index 0000000..fbf5b95
--- /dev/null
+++ b/security/keymint/support/remote_prov_utils_test.cpp

@@ -0,0 +1,55 @@
+/*
+ * Copyright 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <gmock/gmock.h>
+#include <gtest/gtest.h>
+#include <keymaster/android_keymaster_utils.h>
+#include <keymaster/remote_provisioning_utils.h>
+#include <openssl/curve25519.h>
+#include <remote_prov/remote_prov_utils.h>
+#include <cstdint>
+
+namespace aidl::android::hardware::security::keymint::remote_prov {
+namespace {
+
+using ::keymaster::KeymasterBlob;
+using ::keymaster::validateAndExtractEekPubAndId;
+using ::testing::ElementsAreArray;
+
+TEST(RemoteProvUtilsTest, GenerateEekChainInvalidLength) {
+    ASSERT_FALSE(generateEekChain(1, /*eekId=*/{}));
+}
+
+TEST(RemoteProvUtilsTest, GenerateEekChain) {
+    bytevec kTestEekId = {'t', 'e', 's', 't', 'I', 'd', 0};
+    for (size_t length : {2, 3, 31}) {
+        auto get_eek_result = generateEekChain(length, kTestEekId);
+        ASSERT_TRUE(get_eek_result) << get_eek_result.message();
+
+        auto& [chain, pubkey, privkey] = *get_eek_result;
+
+        auto validation_result = validateAndExtractEekPubAndId(
+                /*testMode=*/true, KeymasterBlob(chain.data(), chain.size()));
+        ASSERT_TRUE(validation_result.isOk());
+
+        auto& [eekPub, eekId] = *validation_result;
+        EXPECT_THAT(eekId, ElementsAreArray(kTestEekId));
+        EXPECT_THAT(eekPub, ElementsAreArray(pubkey));
+    }
+}
+
+}  // namespace
+}  // namespace aidl::android::hardware::security::keymint::remote_prov