Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2020 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
Seth Moore | f1f6215 | 2022-09-13 12:00:30 -0700 | [diff] [blame] | 17 | #include <memory> |
Seth Moore | 2fc6f83 | 2022-09-13 16:10:11 -0700 | [diff] [blame] | 18 | #include <string> |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 19 | #define LOG_TAG "VtsRemotelyProvisionableComponentTests" |
| 20 | |
Seth Moore | 8f810b1 | 2022-12-12 16:51:01 -0800 | [diff] [blame] | 21 | #include <aidl/android/hardware/security/keymint/BnRemotelyProvisionedComponent.h> |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 22 | #include <aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.h> |
| 23 | #include <aidl/android/hardware/security/keymint/SecurityLevel.h> |
| 24 | #include <android/binder_manager.h> |
Seth Moore | fc86bf4 | 2021-12-09 14:07:04 -0800 | [diff] [blame] | 25 | #include <binder/IServiceManager.h> |
Tri Vo | ec50ee1 | 2023-02-14 16:29:53 -0800 | [diff] [blame] | 26 | #include <cppbor.h> |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 27 | #include <cppbor_parse.h> |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 28 | #include <gmock/gmock.h> |
Max Bires | 9704ff6 | 2021-04-07 11:12:01 -0700 | [diff] [blame] | 29 | #include <keymaster/cppcose/cppcose.h> |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 30 | #include <keymaster/keymaster_configuration.h> |
David Drysdale | f0d516d | 2021-03-22 07:51:43 +0000 | [diff] [blame] | 31 | #include <keymint_support/authorization_set.h> |
| 32 | #include <openssl/ec.h> |
| 33 | #include <openssl/ec_key.h> |
| 34 | #include <openssl/x509.h> |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 35 | #include <remote_prov/remote_prov_utils.h> |
Max Bires | 757ed42 | 2022-09-07 16:20:31 -0700 | [diff] [blame] | 36 | #include <optional> |
Seth Moore | fc86bf4 | 2021-12-09 14:07:04 -0800 | [diff] [blame] | 37 | #include <set> |
Seth Moore | 42c1133 | 2021-07-02 15:38:17 -0700 | [diff] [blame] | 38 | #include <vector> |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 39 | |
David Drysdale | f0d516d | 2021-03-22 07:51:43 +0000 | [diff] [blame] | 40 | #include "KeyMintAidlTestBase.h" |
| 41 | |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 42 | namespace aidl::android::hardware::security::keymint::test { |
| 43 | |
| 44 | using ::std::string; |
| 45 | using ::std::vector; |
| 46 | |
| 47 | namespace { |
| 48 | |
Seth Moore | fc86bf4 | 2021-12-09 14:07:04 -0800 | [diff] [blame] | 49 | constexpr int32_t VERSION_WITH_UNIQUE_ID_SUPPORT = 2; |
Andrew Scull | f2ae193 | 2023-04-24 19:09:09 +0000 | [diff] [blame] | 50 | |
| 51 | constexpr int32_t VERSION_WITHOUT_EEK = 3; |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 52 | constexpr int32_t VERSION_WITHOUT_TEST_MODE = 3; |
Andrew Scull | f2ae193 | 2023-04-24 19:09:09 +0000 | [diff] [blame] | 53 | constexpr int32_t VERSION_WITH_CERTIFICATE_REQUEST_V2 = 3; |
| 54 | constexpr int32_t VERSION_WITH_SUPPORTED_NUM_KEYS_IN_CSR = 3; |
Seth Moore | fc86bf4 | 2021-12-09 14:07:04 -0800 | [diff] [blame] | 55 | |
Tommy Chiu | fde3ad1 | 2023-03-17 05:58:28 +0000 | [diff] [blame] | 56 | constexpr uint8_t MIN_CHALLENGE_SIZE = 0; |
| 57 | constexpr uint8_t MAX_CHALLENGE_SIZE = 64; |
Alice Wang | f112ec9 | 2024-10-08 07:30:28 +0000 | [diff] [blame] | 58 | |
Andrew Scull | 2146152 | 2024-03-25 15:08:08 +0000 | [diff] [blame] | 59 | const string KEYMINT_STRONGBOX_INSTANCE_NAME = |
| 60 | "android.hardware.security.keymint.IKeyMintDevice/strongbox"; |
Tommy Chiu | fde3ad1 | 2023-03-17 05:58:28 +0000 | [diff] [blame] | 61 | |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 62 | #define INSTANTIATE_REM_PROV_AIDL_TEST(name) \ |
Seth Moore | 6305e23 | 2021-07-27 14:20:17 -0700 | [diff] [blame] | 63 | GTEST_ALLOW_UNINSTANTIATED_PARAMETERIZED_TEST(name); \ |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 64 | INSTANTIATE_TEST_SUITE_P( \ |
| 65 | PerInstance, name, \ |
| 66 | testing::ValuesIn(VtsRemotelyProvisionedComponentTests::build_params()), \ |
| 67 | ::android::PrintInstanceNameToString) |
| 68 | |
Seth Moore | fc86bf4 | 2021-12-09 14:07:04 -0800 | [diff] [blame] | 69 | using ::android::sp; |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 70 | using bytevec = std::vector<uint8_t>; |
| 71 | using testing::MatchesRegex; |
| 72 | using namespace remote_prov; |
| 73 | using namespace keymaster; |
| 74 | |
| 75 | bytevec string_to_bytevec(const char* s) { |
| 76 | const uint8_t* p = reinterpret_cast<const uint8_t*>(s); |
| 77 | return bytevec(p, p + strlen(s)); |
| 78 | } |
| 79 | |
David Drysdale | e99ed86 | 2021-03-15 16:43:06 +0000 | [diff] [blame] | 80 | ErrMsgOr<MacedPublicKey> corrupt_maced_key(const MacedPublicKey& macedPubKey) { |
| 81 | auto [coseMac0, _, mac0ParseErr] = cppbor::parse(macedPubKey.macedKey); |
| 82 | if (!coseMac0 || coseMac0->asArray()->size() != kCoseMac0EntryCount) { |
| 83 | return "COSE Mac0 parse failed"; |
| 84 | } |
| 85 | auto protParams = coseMac0->asArray()->get(kCoseMac0ProtectedParams)->asBstr(); |
| 86 | auto unprotParams = coseMac0->asArray()->get(kCoseMac0UnprotectedParams)->asMap(); |
| 87 | auto payload = coseMac0->asArray()->get(kCoseMac0Payload)->asBstr(); |
| 88 | auto tag = coseMac0->asArray()->get(kCoseMac0Tag)->asBstr(); |
| 89 | if (!protParams || !unprotParams || !payload || !tag) { |
| 90 | return "Invalid COSE_Sign1: missing content"; |
| 91 | } |
| 92 | auto corruptMac0 = cppbor::Array(); |
| 93 | corruptMac0.add(protParams->clone()); |
| 94 | corruptMac0.add(unprotParams->clone()); |
| 95 | corruptMac0.add(payload->clone()); |
| 96 | vector<uint8_t> tagData = tag->value(); |
| 97 | tagData[0] ^= 0x08; |
| 98 | tagData[tagData.size() - 1] ^= 0x80; |
| 99 | corruptMac0.add(cppbor::Bstr(tagData)); |
| 100 | |
| 101 | return MacedPublicKey{corruptMac0.encode()}; |
| 102 | } |
| 103 | |
David Drysdale | cceca9f | 2021-03-12 15:49:47 +0000 | [diff] [blame] | 104 | ErrMsgOr<cppbor::Array> corrupt_sig(const cppbor::Array* coseSign1) { |
| 105 | if (coseSign1->size() != kCoseSign1EntryCount) { |
| 106 | return "Invalid COSE_Sign1, wrong entry count"; |
| 107 | } |
| 108 | const cppbor::Bstr* protectedParams = coseSign1->get(kCoseSign1ProtectedParams)->asBstr(); |
| 109 | const cppbor::Map* unprotectedParams = coseSign1->get(kCoseSign1UnprotectedParams)->asMap(); |
| 110 | const cppbor::Bstr* payload = coseSign1->get(kCoseSign1Payload)->asBstr(); |
| 111 | const cppbor::Bstr* signature = coseSign1->get(kCoseSign1Signature)->asBstr(); |
| 112 | if (!protectedParams || !unprotectedParams || !payload || !signature) { |
| 113 | return "Invalid COSE_Sign1: missing content"; |
| 114 | } |
| 115 | |
| 116 | auto corruptSig = cppbor::Array(); |
| 117 | corruptSig.add(protectedParams->clone()); |
| 118 | corruptSig.add(unprotectedParams->clone()); |
| 119 | corruptSig.add(payload->clone()); |
| 120 | vector<uint8_t> sigData = signature->value(); |
| 121 | sigData[0] ^= 0x08; |
| 122 | corruptSig.add(cppbor::Bstr(sigData)); |
| 123 | |
| 124 | return std::move(corruptSig); |
| 125 | } |
| 126 | |
Seth Moore | 19acbe9 | 2021-06-23 15:15:52 -0700 | [diff] [blame] | 127 | ErrMsgOr<bytevec> corrupt_sig_chain(const bytevec& encodedEekChain, int which) { |
| 128 | auto [chain, _, parseErr] = cppbor::parse(encodedEekChain); |
David Drysdale | cceca9f | 2021-03-12 15:49:47 +0000 | [diff] [blame] | 129 | if (!chain || !chain->asArray()) { |
| 130 | return "EekChain parse failed"; |
| 131 | } |
| 132 | |
| 133 | cppbor::Array* eekChain = chain->asArray(); |
| 134 | if (which >= eekChain->size()) { |
| 135 | return "selected sig out of range"; |
| 136 | } |
| 137 | auto corruptChain = cppbor::Array(); |
| 138 | |
| 139 | for (int ii = 0; ii < eekChain->size(); ++ii) { |
| 140 | if (ii == which) { |
| 141 | auto sig = corrupt_sig(eekChain->get(which)->asArray()); |
| 142 | if (!sig) { |
| 143 | return "Failed to build corrupted signature" + sig.moveMessage(); |
| 144 | } |
| 145 | corruptChain.add(sig.moveValue()); |
| 146 | } else { |
| 147 | corruptChain.add(eekChain->get(ii)->clone()); |
| 148 | } |
| 149 | } |
Seth Moore | 19acbe9 | 2021-06-23 15:15:52 -0700 | [diff] [blame] | 150 | return corruptChain.encode(); |
David Drysdale | cceca9f | 2021-03-12 15:49:47 +0000 | [diff] [blame] | 151 | } |
| 152 | |
David Drysdale | 4d3c298 | 2021-03-31 18:21:40 +0100 | [diff] [blame] | 153 | string device_suffix(const string& name) { |
| 154 | size_t pos = name.find('/'); |
| 155 | if (pos == string::npos) { |
| 156 | return name; |
| 157 | } |
| 158 | return name.substr(pos + 1); |
| 159 | } |
| 160 | |
| 161 | bool matching_keymint_device(const string& rp_name, std::shared_ptr<IKeyMintDevice>* keyMint) { |
| 162 | string rp_suffix = device_suffix(rp_name); |
| 163 | |
| 164 | vector<string> km_names = ::android::getAidlHalInstanceNames(IKeyMintDevice::descriptor); |
| 165 | for (const string& km_name : km_names) { |
| 166 | // If the suffix of the KeyMint instance equals the suffix of the |
| 167 | // RemotelyProvisionedComponent instance, assume they match. |
| 168 | if (device_suffix(km_name) == rp_suffix && AServiceManager_isDeclared(km_name.c_str())) { |
| 169 | ::ndk::SpAIBinder binder(AServiceManager_waitForService(km_name.c_str())); |
| 170 | *keyMint = IKeyMintDevice::fromBinder(binder); |
| 171 | return true; |
| 172 | } |
| 173 | } |
| 174 | return false; |
| 175 | } |
| 176 | |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 177 | } // namespace |
| 178 | |
| 179 | class VtsRemotelyProvisionedComponentTests : public testing::TestWithParam<std::string> { |
| 180 | public: |
| 181 | virtual void SetUp() override { |
| 182 | if (AServiceManager_isDeclared(GetParam().c_str())) { |
| 183 | ::ndk::SpAIBinder binder(AServiceManager_waitForService(GetParam().c_str())); |
| 184 | provisionable_ = IRemotelyProvisionedComponent::fromBinder(binder); |
| 185 | } |
| 186 | ASSERT_NE(provisionable_, nullptr); |
Alice Wang | 895f4b3 | 2023-11-14 07:38:18 +0000 | [diff] [blame] | 187 | auto status = provisionable_->getHardwareInfo(&rpcHardwareInfo); |
Alice Wang | f112ec9 | 2024-10-08 07:30:28 +0000 | [diff] [blame] | 188 | isRkpVmInstance_ = GetParam() == RKPVM_INSTANCE_NAME; |
Karuna Wadhera | ca6d8cc | 2024-07-18 14:08:36 +0000 | [diff] [blame] | 189 | if (isRkpVmInstance_) { |
Alice Wang | 46ff286 | 2024-05-14 07:07:05 +0000 | [diff] [blame] | 190 | if (status.getExceptionCode() == EX_UNSUPPORTED_OPERATION) { |
| 191 | GTEST_SKIP() << "The RKP VM is not supported on this system."; |
| 192 | } |
| 193 | int apiLevel = get_vsr_api_level(); |
| 194 | if (apiLevel < __ANDROID_API_V__) { |
| 195 | GTEST_SKIP() << "The RKP VM is supported only on V+ devices. Vendor API level: " |
| 196 | << apiLevel; |
| 197 | } |
Alice Wang | 895f4b3 | 2023-11-14 07:38:18 +0000 | [diff] [blame] | 198 | } |
| 199 | ASSERT_TRUE(status.isOk()); |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 200 | } |
| 201 | |
| 202 | static vector<string> build_params() { |
| 203 | auto params = ::android::getAidlHalInstanceNames(IRemotelyProvisionedComponent::descriptor); |
| 204 | return params; |
| 205 | } |
| 206 | |
| 207 | protected: |
| 208 | std::shared_ptr<IRemotelyProvisionedComponent> provisionable_; |
subrahmanyaman | fb213d6 | 2022-02-02 23:10:55 +0000 | [diff] [blame] | 209 | RpcHardwareInfo rpcHardwareInfo; |
Karuna Wadhera | ca6d8cc | 2024-07-18 14:08:36 +0000 | [diff] [blame] | 210 | bool isRkpVmInstance_; |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 211 | }; |
| 212 | |
Seth Moore | fc86bf4 | 2021-12-09 14:07:04 -0800 | [diff] [blame] | 213 | /** |
| 214 | * Verify that every implementation reports a different unique id. |
| 215 | */ |
| 216 | TEST(NonParameterizedTests, eachRpcHasAUniqueId) { |
| 217 | std::set<std::string> uniqueIds; |
| 218 | for (auto hal : ::android::getAidlHalInstanceNames(IRemotelyProvisionedComponent::descriptor)) { |
| 219 | ASSERT_TRUE(AServiceManager_isDeclared(hal.c_str())); |
| 220 | ::ndk::SpAIBinder binder(AServiceManager_waitForService(hal.c_str())); |
| 221 | std::shared_ptr<IRemotelyProvisionedComponent> rpc = |
| 222 | IRemotelyProvisionedComponent::fromBinder(binder); |
| 223 | ASSERT_NE(rpc, nullptr); |
| 224 | |
| 225 | RpcHardwareInfo hwInfo; |
Alice Wang | 895f4b3 | 2023-11-14 07:38:18 +0000 | [diff] [blame] | 226 | auto status = rpc->getHardwareInfo(&hwInfo); |
Alice Wang | f112ec9 | 2024-10-08 07:30:28 +0000 | [diff] [blame] | 227 | if (hal == RKPVM_INSTANCE_NAME && status.getExceptionCode() == EX_UNSUPPORTED_OPERATION) { |
Alice Wang | 895f4b3 | 2023-11-14 07:38:18 +0000 | [diff] [blame] | 228 | GTEST_SKIP() << "The RKP VM is not supported on this system."; |
| 229 | } |
| 230 | ASSERT_TRUE(status.isOk()); |
Seth Moore | fc86bf4 | 2021-12-09 14:07:04 -0800 | [diff] [blame] | 231 | |
Tri Vo | dd12c48 | 2022-10-12 22:41:28 +0000 | [diff] [blame] | 232 | if (hwInfo.versionNumber >= VERSION_WITH_UNIQUE_ID_SUPPORT) { |
Seth Moore | fc86bf4 | 2021-12-09 14:07:04 -0800 | [diff] [blame] | 233 | ASSERT_TRUE(hwInfo.uniqueId); |
| 234 | auto [_, wasInserted] = uniqueIds.insert(*hwInfo.uniqueId); |
| 235 | EXPECT_TRUE(wasInserted); |
| 236 | } else { |
| 237 | ASSERT_FALSE(hwInfo.uniqueId); |
| 238 | } |
| 239 | } |
| 240 | } |
| 241 | |
Andrew Scull | 2146152 | 2024-03-25 15:08:08 +0000 | [diff] [blame] | 242 | /** |
| 243 | * Verify that the default implementation supports DICE if there is a StrongBox KeyMint instance |
| 244 | * on the device. |
| 245 | */ |
| 246 | // @VsrTest = 3.10-015 |
| 247 | TEST(NonParameterizedTests, requireDiceOnDefaultInstanceIfStrongboxPresent) { |
| 248 | int vsr_api_level = get_vsr_api_level(); |
| 249 | if (vsr_api_level < 35) { |
| 250 | GTEST_SKIP() << "Applies only to VSR API level 35 or newer, this device is: " |
| 251 | << vsr_api_level; |
| 252 | } |
| 253 | |
| 254 | if (!AServiceManager_isDeclared(KEYMINT_STRONGBOX_INSTANCE_NAME.c_str())) { |
| 255 | GTEST_SKIP() << "Strongbox is not present on this device."; |
| 256 | } |
| 257 | |
| 258 | ::ndk::SpAIBinder binder(AServiceManager_waitForService(DEFAULT_INSTANCE_NAME.c_str())); |
| 259 | std::shared_ptr<IRemotelyProvisionedComponent> rpc = |
| 260 | IRemotelyProvisionedComponent::fromBinder(binder); |
| 261 | ASSERT_NE(rpc, nullptr); |
| 262 | |
| 263 | bytevec challenge = randomBytes(64); |
| 264 | bytevec csr; |
| 265 | auto status = rpc->generateCertificateRequestV2({} /* keysToSign */, challenge, &csr); |
| 266 | EXPECT_TRUE(status.isOk()) << status.getDescription(); |
| 267 | |
Alice Wang | f112ec9 | 2024-10-08 07:30:28 +0000 | [diff] [blame] | 268 | auto result = isCsrWithProperDiceChain(csr, DEFAULT_INSTANCE_NAME); |
Andrew Scull | 2146152 | 2024-03-25 15:08:08 +0000 | [diff] [blame] | 269 | ASSERT_TRUE(result) << result.message(); |
| 270 | ASSERT_TRUE(*result); |
| 271 | } |
| 272 | |
Seth Moore | fc86bf4 | 2021-12-09 14:07:04 -0800 | [diff] [blame] | 273 | using GetHardwareInfoTests = VtsRemotelyProvisionedComponentTests; |
| 274 | |
| 275 | INSTANTIATE_REM_PROV_AIDL_TEST(GetHardwareInfoTests); |
| 276 | |
| 277 | /** |
| 278 | * Verify that a valid curve is reported by the implementation. |
| 279 | */ |
| 280 | TEST_P(GetHardwareInfoTests, supportsValidCurve) { |
| 281 | RpcHardwareInfo hwInfo; |
| 282 | ASSERT_TRUE(provisionable_->getHardwareInfo(&hwInfo).isOk()); |
| 283 | |
Andrew Scull | f2ae193 | 2023-04-24 19:09:09 +0000 | [diff] [blame] | 284 | if (rpcHardwareInfo.versionNumber >= VERSION_WITHOUT_EEK) { |
| 285 | ASSERT_EQ(hwInfo.supportedEekCurve, RpcHardwareInfo::CURVE_NONE) |
| 286 | << "Invalid curve: " << hwInfo.supportedEekCurve; |
| 287 | return; |
Hasini Gunasinghe | 666b271 | 2023-01-05 21:35:51 +0000 | [diff] [blame] | 288 | } |
Andrew Scull | f2ae193 | 2023-04-24 19:09:09 +0000 | [diff] [blame] | 289 | |
| 290 | const std::set<int> validCurves = {RpcHardwareInfo::CURVE_P256, RpcHardwareInfo::CURVE_25519}; |
Seth Moore | fc86bf4 | 2021-12-09 14:07:04 -0800 | [diff] [blame] | 291 | ASSERT_EQ(validCurves.count(hwInfo.supportedEekCurve), 1) |
| 292 | << "Invalid curve: " << hwInfo.supportedEekCurve; |
| 293 | } |
| 294 | |
| 295 | /** |
| 296 | * Verify that the unique id is within the length limits as described in RpcHardwareInfo.aidl. |
| 297 | */ |
| 298 | TEST_P(GetHardwareInfoTests, uniqueId) { |
Tri Vo | dd12c48 | 2022-10-12 22:41:28 +0000 | [diff] [blame] | 299 | if (rpcHardwareInfo.versionNumber < VERSION_WITH_UNIQUE_ID_SUPPORT) { |
Seth Moore | fc86bf4 | 2021-12-09 14:07:04 -0800 | [diff] [blame] | 300 | return; |
| 301 | } |
| 302 | |
| 303 | RpcHardwareInfo hwInfo; |
| 304 | ASSERT_TRUE(provisionable_->getHardwareInfo(&hwInfo).isOk()); |
| 305 | ASSERT_TRUE(hwInfo.uniqueId); |
| 306 | EXPECT_GE(hwInfo.uniqueId->size(), 1); |
| 307 | EXPECT_LE(hwInfo.uniqueId->size(), 32); |
| 308 | } |
| 309 | |
Tri Vo | 9cab73c | 2022-10-28 13:40:24 -0700 | [diff] [blame] | 310 | /** |
| 311 | * Verify implementation supports at least MIN_SUPPORTED_NUM_KEYS_IN_CSR keys in a CSR. |
| 312 | */ |
| 313 | TEST_P(GetHardwareInfoTests, supportedNumKeysInCsr) { |
Andrew Scull | f2ae193 | 2023-04-24 19:09:09 +0000 | [diff] [blame] | 314 | if (rpcHardwareInfo.versionNumber < VERSION_WITH_SUPPORTED_NUM_KEYS_IN_CSR) { |
Tri Vo | 9cab73c | 2022-10-28 13:40:24 -0700 | [diff] [blame] | 315 | return; |
| 316 | } |
| 317 | |
| 318 | RpcHardwareInfo hwInfo; |
| 319 | ASSERT_TRUE(provisionable_->getHardwareInfo(&hwInfo).isOk()); |
| 320 | ASSERT_GE(hwInfo.supportedNumKeysInCsr, RpcHardwareInfo::MIN_SUPPORTED_NUM_KEYS_IN_CSR); |
| 321 | } |
| 322 | |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 323 | using GenerateKeyTests = VtsRemotelyProvisionedComponentTests; |
| 324 | |
| 325 | INSTANTIATE_REM_PROV_AIDL_TEST(GenerateKeyTests); |
| 326 | |
| 327 | /** |
David Drysdale | f0d516d | 2021-03-22 07:51:43 +0000 | [diff] [blame] | 328 | * Generate and validate a production-mode key. MAC tag can't be verified, but |
| 329 | * the private key blob should be usable in KeyMint operations. |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 330 | */ |
Max Bires | 126869a | 2021-02-21 18:32:59 -0800 | [diff] [blame] | 331 | TEST_P(GenerateKeyTests, generateEcdsaP256Key_prodMode) { |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 332 | MacedPublicKey macedPubKey; |
| 333 | bytevec privateKeyBlob; |
| 334 | bool testMode = false; |
| 335 | auto status = provisionable_->generateEcdsaP256KeyPair(testMode, &macedPubKey, &privateKeyBlob); |
| 336 | ASSERT_TRUE(status.isOk()); |
David Drysdale | f0d516d | 2021-03-22 07:51:43 +0000 | [diff] [blame] | 337 | vector<uint8_t> coseKeyData; |
Tri Vo | b0b8acc | 2022-11-30 16:22:23 -0800 | [diff] [blame] | 338 | check_maced_pubkey(macedPubKey, testMode, &coseKeyData); |
David Drysdale | 4d3c298 | 2021-03-31 18:21:40 +0100 | [diff] [blame] | 339 | } |
| 340 | |
| 341 | /** |
| 342 | * Generate and validate a production-mode key, then use it as a KeyMint attestation key. |
| 343 | */ |
| 344 | TEST_P(GenerateKeyTests, generateAndUseEcdsaP256Key_prodMode) { |
| 345 | // See if there is a matching IKeyMintDevice for this IRemotelyProvisionedComponent. |
| 346 | std::shared_ptr<IKeyMintDevice> keyMint; |
| 347 | if (!matching_keymint_device(GetParam(), &keyMint)) { |
| 348 | // No matching IKeyMintDevice. |
| 349 | GTEST_SKIP() << "Skipping key use test as no matching KeyMint device found"; |
| 350 | return; |
| 351 | } |
| 352 | KeyMintHardwareInfo info; |
| 353 | ASSERT_TRUE(keyMint->getHardwareInfo(&info).isOk()); |
| 354 | |
| 355 | MacedPublicKey macedPubKey; |
| 356 | bytevec privateKeyBlob; |
| 357 | bool testMode = false; |
| 358 | auto status = provisionable_->generateEcdsaP256KeyPair(testMode, &macedPubKey, &privateKeyBlob); |
| 359 | ASSERT_TRUE(status.isOk()); |
| 360 | vector<uint8_t> coseKeyData; |
Tri Vo | b0b8acc | 2022-11-30 16:22:23 -0800 | [diff] [blame] | 361 | check_maced_pubkey(macedPubKey, testMode, &coseKeyData); |
David Drysdale | 4d3c298 | 2021-03-31 18:21:40 +0100 | [diff] [blame] | 362 | |
David Drysdale | f0d516d | 2021-03-22 07:51:43 +0000 | [diff] [blame] | 363 | AttestationKey attestKey; |
| 364 | attestKey.keyBlob = std::move(privateKeyBlob); |
| 365 | attestKey.issuerSubjectName = make_name_from_str("Android Keystore Key"); |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 366 | |
David Drysdale | f0d516d | 2021-03-22 07:51:43 +0000 | [diff] [blame] | 367 | // Generate an ECDSA key that is attested by the generated P256 keypair. |
| 368 | AuthorizationSet keyDesc = AuthorizationSetBuilder() |
| 369 | .Authorization(TAG_NO_AUTH_REQUIRED) |
David Drysdale | 915ce25 | 2021-10-14 15:17:36 +0100 | [diff] [blame] | 370 | .EcdsaSigningKey(EcCurve::P_256) |
David Drysdale | f0d516d | 2021-03-22 07:51:43 +0000 | [diff] [blame] | 371 | .AttestationChallenge("foo") |
| 372 | .AttestationApplicationId("bar") |
| 373 | .Digest(Digest::NONE) |
| 374 | .SetDefaultValidity(); |
| 375 | KeyCreationResult creationResult; |
| 376 | auto result = keyMint->generateKey(keyDesc.vector_data(), attestKey, &creationResult); |
| 377 | ASSERT_TRUE(result.isOk()); |
| 378 | vector<uint8_t> attested_key_blob = std::move(creationResult.keyBlob); |
| 379 | vector<KeyCharacteristics> attested_key_characteristics = |
| 380 | std::move(creationResult.keyCharacteristics); |
| 381 | vector<Certificate> attested_key_cert_chain = std::move(creationResult.certificateChain); |
| 382 | EXPECT_EQ(attested_key_cert_chain.size(), 1); |
| 383 | |
David Drysdale | 7dff4fc | 2021-12-10 10:10:52 +0000 | [diff] [blame] | 384 | int32_t aidl_version = 0; |
| 385 | ASSERT_TRUE(keyMint->getInterfaceVersion(&aidl_version).isOk()); |
David Drysdale | f0d516d | 2021-03-22 07:51:43 +0000 | [diff] [blame] | 386 | AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics); |
| 387 | AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics); |
David Drysdale | 7dff4fc | 2021-12-10 10:10:52 +0000 | [diff] [blame] | 388 | EXPECT_TRUE(verify_attestation_record(aidl_version, "foo", "bar", sw_enforced, hw_enforced, |
David Drysdale | f0d516d | 2021-03-22 07:51:43 +0000 | [diff] [blame] | 389 | info.securityLevel, |
| 390 | attested_key_cert_chain[0].encodedCertificate)); |
| 391 | |
| 392 | // Attestation by itself is not valid (last entry is not self-signed). |
| 393 | EXPECT_FALSE(ChainSignaturesAreValid(attested_key_cert_chain)); |
| 394 | |
| 395 | // The signature over the attested key should correspond to the P256 public key. |
| 396 | X509_Ptr key_cert(parse_cert_blob(attested_key_cert_chain[0].encodedCertificate)); |
| 397 | ASSERT_TRUE(key_cert.get()); |
| 398 | EVP_PKEY_Ptr signing_pubkey; |
| 399 | p256_pub_key(coseKeyData, &signing_pubkey); |
| 400 | ASSERT_TRUE(signing_pubkey.get()); |
| 401 | |
| 402 | ASSERT_TRUE(X509_verify(key_cert.get(), signing_pubkey.get())) |
| 403 | << "Verification of attested certificate failed " |
| 404 | << "OpenSSL error string: " << ERR_error_string(ERR_get_error(), NULL); |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 405 | } |
| 406 | |
| 407 | /** |
| 408 | * Generate and validate a test-mode key. |
| 409 | */ |
Max Bires | 126869a | 2021-02-21 18:32:59 -0800 | [diff] [blame] | 410 | TEST_P(GenerateKeyTests, generateEcdsaP256Key_testMode) { |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 411 | MacedPublicKey macedPubKey; |
| 412 | bytevec privateKeyBlob; |
| 413 | bool testMode = true; |
| 414 | auto status = provisionable_->generateEcdsaP256KeyPair(testMode, &macedPubKey, &privateKeyBlob); |
Andrew Scull | f2ae193 | 2023-04-24 19:09:09 +0000 | [diff] [blame] | 415 | |
| 416 | if (rpcHardwareInfo.versionNumber >= VERSION_WITHOUT_TEST_MODE) { |
| 417 | ASSERT_FALSE(status.isOk()); |
| 418 | EXPECT_EQ(status.getServiceSpecificError(), BnRemotelyProvisionedComponent::STATUS_REMOVED); |
| 419 | return; |
| 420 | } |
| 421 | |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 422 | ASSERT_TRUE(status.isOk()); |
Tri Vo | b0b8acc | 2022-11-30 16:22:23 -0800 | [diff] [blame] | 423 | check_maced_pubkey(macedPubKey, testMode, nullptr); |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 424 | } |
| 425 | |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 426 | class CertificateRequestTestBase : public VtsRemotelyProvisionedComponentTests { |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 427 | protected: |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 428 | CertificateRequestTestBase() |
| 429 | : eekId_(string_to_bytevec("eekid")), challenge_(randomBytes(64)) {} |
David Drysdale | cceca9f | 2021-03-12 15:49:47 +0000 | [diff] [blame] | 430 | |
Seth Moore | 19acbe9 | 2021-06-23 15:15:52 -0700 | [diff] [blame] | 431 | void generateTestEekChain(size_t eekLength) { |
subrahmanyaman | fb213d6 | 2022-02-02 23:10:55 +0000 | [diff] [blame] | 432 | auto chain = generateEekChain(rpcHardwareInfo.supportedEekCurve, eekLength, eekId_); |
David Drysdale | 08696a7 | 2022-03-10 10:43:25 +0000 | [diff] [blame] | 433 | ASSERT_TRUE(chain) << chain.message(); |
Seth Moore | 19acbe9 | 2021-06-23 15:15:52 -0700 | [diff] [blame] | 434 | if (chain) testEekChain_ = chain.moveValue(); |
| 435 | testEekLength_ = eekLength; |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 436 | } |
| 437 | |
| 438 | void generateKeys(bool testMode, size_t numKeys) { |
| 439 | keysToSign_ = std::vector<MacedPublicKey>(numKeys); |
| 440 | cborKeysToSign_ = cppbor::Array(); |
| 441 | |
| 442 | for (auto& key : keysToSign_) { |
| 443 | bytevec privateKeyBlob; |
| 444 | auto status = provisionable_->generateEcdsaP256KeyPair(testMode, &key, &privateKeyBlob); |
Frederick Mayle | 9891be0 | 2023-11-03 14:39:24 -0700 | [diff] [blame] | 445 | ASSERT_TRUE(status.isOk()) << status.getDescription(); |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 446 | |
David Drysdale | c840077 | 2021-03-11 12:35:11 +0000 | [diff] [blame] | 447 | vector<uint8_t> payload_value; |
Tri Vo | b0b8acc | 2022-11-30 16:22:23 -0800 | [diff] [blame] | 448 | check_maced_pubkey(key, testMode, &payload_value); |
David Drysdale | c840077 | 2021-03-11 12:35:11 +0000 | [diff] [blame] | 449 | cborKeysToSign_.add(cppbor::EncodedItem(payload_value)); |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 450 | } |
| 451 | } |
| 452 | |
| 453 | bytevec eekId_; |
Seth Moore | 19acbe9 | 2021-06-23 15:15:52 -0700 | [diff] [blame] | 454 | size_t testEekLength_; |
| 455 | EekChain testEekChain_; |
David Drysdale | c840077 | 2021-03-11 12:35:11 +0000 | [diff] [blame] | 456 | bytevec challenge_; |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 457 | std::vector<MacedPublicKey> keysToSign_; |
| 458 | cppbor::Array cborKeysToSign_; |
| 459 | }; |
| 460 | |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 461 | class CertificateRequestTest : public CertificateRequestTestBase { |
| 462 | protected: |
| 463 | void SetUp() override { |
| 464 | CertificateRequestTestBase::SetUp(); |
Andrew Scull | 1bcb602 | 2022-12-27 10:43:27 +0000 | [diff] [blame] | 465 | ASSERT_FALSE(HasFatalFailure()); |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 466 | |
Andrew Scull | f2ae193 | 2023-04-24 19:09:09 +0000 | [diff] [blame] | 467 | if (rpcHardwareInfo.versionNumber >= VERSION_WITH_CERTIFICATE_REQUEST_V2) { |
Andrew Scull | 95b3131 | 2023-03-27 19:16:07 +0000 | [diff] [blame] | 468 | GTEST_SKIP() << "This test case only applies to RKP v1 and v2. " |
| 469 | << "RKP version discovered: " << rpcHardwareInfo.versionNumber; |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 470 | } |
| 471 | } |
| 472 | }; |
| 473 | |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 474 | /** |
| 475 | * Generate an empty certificate request in test mode, and decrypt and verify the structure and |
| 476 | * content. |
| 477 | */ |
Max Bires | 126869a | 2021-02-21 18:32:59 -0800 | [diff] [blame] | 478 | TEST_P(CertificateRequestTest, EmptyRequest_testMode) { |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 479 | bool testMode = true; |
David Drysdale | cceca9f | 2021-03-12 15:49:47 +0000 | [diff] [blame] | 480 | for (size_t eekLength : {2, 3, 7}) { |
| 481 | SCOPED_TRACE(testing::Message() << "EEK of length " << eekLength); |
Seth Moore | 19acbe9 | 2021-06-23 15:15:52 -0700 | [diff] [blame] | 482 | generateTestEekChain(eekLength); |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 483 | |
David Drysdale | cceca9f | 2021-03-12 15:49:47 +0000 | [diff] [blame] | 484 | bytevec keysToSignMac; |
| 485 | DeviceInfo deviceInfo; |
| 486 | ProtectedData protectedData; |
| 487 | auto status = provisionable_->generateCertificateRequest( |
Seth Moore | 19acbe9 | 2021-06-23 15:15:52 -0700 | [diff] [blame] | 488 | testMode, {} /* keysToSign */, testEekChain_.chain, challenge_, &deviceInfo, |
David Drysdale | cceca9f | 2021-03-12 15:49:47 +0000 | [diff] [blame] | 489 | &protectedData, &keysToSignMac); |
Frederick Mayle | 9891be0 | 2023-11-03 14:39:24 -0700 | [diff] [blame] | 490 | ASSERT_TRUE(status.isOk()) << status.getDescription(); |
David Drysdale | cceca9f | 2021-03-12 15:49:47 +0000 | [diff] [blame] | 491 | |
Seth Moore | 2fc6f83 | 2022-09-13 16:10:11 -0700 | [diff] [blame] | 492 | auto result = verifyProductionProtectedData( |
| 493 | deviceInfo, cppbor::Array(), keysToSignMac, protectedData, testEekChain_, eekId_, |
Alice Wang | f112ec9 | 2024-10-08 07:30:28 +0000 | [diff] [blame] | 494 | rpcHardwareInfo.supportedEekCurve, provisionable_.get(), GetParam(), challenge_); |
Seth Moore | 2fc6f83 | 2022-09-13 16:10:11 -0700 | [diff] [blame] | 495 | ASSERT_TRUE(result) << result.message(); |
David Drysdale | cceca9f | 2021-03-12 15:49:47 +0000 | [diff] [blame] | 496 | } |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 497 | } |
| 498 | |
| 499 | /** |
Seth Moore | 42c1133 | 2021-07-02 15:38:17 -0700 | [diff] [blame] | 500 | * Ensure that test mode outputs a unique BCC root key every time we request a |
| 501 | * certificate request. Else, it's possible that the test mode API could be used |
| 502 | * to fingerprint devices. Only the GEEK should be allowed to decrypt the same |
| 503 | * device public key multiple times. |
| 504 | */ |
| 505 | TEST_P(CertificateRequestTest, NewKeyPerCallInTestMode) { |
| 506 | constexpr bool testMode = true; |
Seth Moore | 42c1133 | 2021-07-02 15:38:17 -0700 | [diff] [blame] | 507 | |
| 508 | bytevec keysToSignMac; |
| 509 | DeviceInfo deviceInfo; |
| 510 | ProtectedData protectedData; |
subrahmanyaman | fb213d6 | 2022-02-02 23:10:55 +0000 | [diff] [blame] | 511 | generateTestEekChain(3); |
Seth Moore | 42c1133 | 2021-07-02 15:38:17 -0700 | [diff] [blame] | 512 | auto status = provisionable_->generateCertificateRequest( |
Seth Moore | 19acbe9 | 2021-06-23 15:15:52 -0700 | [diff] [blame] | 513 | testMode, {} /* keysToSign */, testEekChain_.chain, challenge_, &deviceInfo, |
| 514 | &protectedData, &keysToSignMac); |
Frederick Mayle | 9891be0 | 2023-11-03 14:39:24 -0700 | [diff] [blame] | 515 | ASSERT_TRUE(status.isOk()) << status.getDescription(); |
Seth Moore | 42c1133 | 2021-07-02 15:38:17 -0700 | [diff] [blame] | 516 | |
Alice Wang | f112ec9 | 2024-10-08 07:30:28 +0000 | [diff] [blame] | 517 | auto firstBcc = verifyProductionProtectedData(deviceInfo, /*keysToSign=*/cppbor::Array(), |
| 518 | keysToSignMac, protectedData, testEekChain_, |
| 519 | eekId_, rpcHardwareInfo.supportedEekCurve, |
| 520 | provisionable_.get(), GetParam(), challenge_); |
Seth Moore | 2fc6f83 | 2022-09-13 16:10:11 -0700 | [diff] [blame] | 521 | ASSERT_TRUE(firstBcc) << firstBcc.message(); |
Seth Moore | 42c1133 | 2021-07-02 15:38:17 -0700 | [diff] [blame] | 522 | |
Seth Moore | 19acbe9 | 2021-06-23 15:15:52 -0700 | [diff] [blame] | 523 | status = provisionable_->generateCertificateRequest( |
| 524 | testMode, {} /* keysToSign */, testEekChain_.chain, challenge_, &deviceInfo, |
| 525 | &protectedData, &keysToSignMac); |
Frederick Mayle | 9891be0 | 2023-11-03 14:39:24 -0700 | [diff] [blame] | 526 | ASSERT_TRUE(status.isOk()) << status.getDescription(); |
Seth Moore | 42c1133 | 2021-07-02 15:38:17 -0700 | [diff] [blame] | 527 | |
Alice Wang | f112ec9 | 2024-10-08 07:30:28 +0000 | [diff] [blame] | 528 | auto secondBcc = verifyProductionProtectedData(deviceInfo, /*keysToSign=*/cppbor::Array(), |
| 529 | keysToSignMac, protectedData, testEekChain_, |
| 530 | eekId_, rpcHardwareInfo.supportedEekCurve, |
| 531 | provisionable_.get(), GetParam(), challenge_); |
Seth Moore | 2fc6f83 | 2022-09-13 16:10:11 -0700 | [diff] [blame] | 532 | ASSERT_TRUE(secondBcc) << secondBcc.message(); |
Seth Moore | 42c1133 | 2021-07-02 15:38:17 -0700 | [diff] [blame] | 533 | |
| 534 | // Verify that none of the keys in the first BCC are repeated in the second one. |
Seth Moore | 2fc6f83 | 2022-09-13 16:10:11 -0700 | [diff] [blame] | 535 | for (const auto& i : *firstBcc) { |
| 536 | for (auto& j : *secondBcc) { |
Seth Moore | 42c1133 | 2021-07-02 15:38:17 -0700 | [diff] [blame] | 537 | ASSERT_THAT(i.pubKey, testing::Not(testing::ElementsAreArray(j.pubKey))) |
| 538 | << "Found a repeated pubkey in two generateCertificateRequest test mode calls"; |
| 539 | } |
| 540 | } |
| 541 | } |
| 542 | |
| 543 | /** |
Seth Moore | 19acbe9 | 2021-06-23 15:15:52 -0700 | [diff] [blame] | 544 | * Generate an empty certificate request in prod mode. This test must be run explicitly, and |
| 545 | * is not run by default. Not all devices are GMS devices, and therefore they do not all |
| 546 | * trust the Google EEK root. |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 547 | */ |
Seth Moore | 19acbe9 | 2021-06-23 15:15:52 -0700 | [diff] [blame] | 548 | TEST_P(CertificateRequestTest, DISABLED_EmptyRequest_prodMode) { |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 549 | bool testMode = false; |
David Drysdale | cceca9f | 2021-03-12 15:49:47 +0000 | [diff] [blame] | 550 | |
Seth Moore | 19acbe9 | 2021-06-23 15:15:52 -0700 | [diff] [blame] | 551 | bytevec keysToSignMac; |
| 552 | DeviceInfo deviceInfo; |
| 553 | ProtectedData protectedData; |
| 554 | auto status = provisionable_->generateCertificateRequest( |
subrahmanyaman | fb213d6 | 2022-02-02 23:10:55 +0000 | [diff] [blame] | 555 | testMode, {} /* keysToSign */, getProdEekChain(rpcHardwareInfo.supportedEekCurve), |
| 556 | challenge_, &deviceInfo, &protectedData, &keysToSignMac); |
Seth Moore | 19acbe9 | 2021-06-23 15:15:52 -0700 | [diff] [blame] | 557 | EXPECT_TRUE(status.isOk()); |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 558 | } |
| 559 | |
| 560 | /** |
| 561 | * Generate a non-empty certificate request in test mode. Decrypt, parse and validate the contents. |
| 562 | */ |
Max Bires | 126869a | 2021-02-21 18:32:59 -0800 | [diff] [blame] | 563 | TEST_P(CertificateRequestTest, NonEmptyRequest_testMode) { |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 564 | bool testMode = true; |
| 565 | generateKeys(testMode, 4 /* numKeys */); |
| 566 | |
David Drysdale | cceca9f | 2021-03-12 15:49:47 +0000 | [diff] [blame] | 567 | for (size_t eekLength : {2, 3, 7}) { |
| 568 | SCOPED_TRACE(testing::Message() << "EEK of length " << eekLength); |
Seth Moore | 19acbe9 | 2021-06-23 15:15:52 -0700 | [diff] [blame] | 569 | generateTestEekChain(eekLength); |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 570 | |
David Drysdale | cceca9f | 2021-03-12 15:49:47 +0000 | [diff] [blame] | 571 | bytevec keysToSignMac; |
| 572 | DeviceInfo deviceInfo; |
| 573 | ProtectedData protectedData; |
| 574 | auto status = provisionable_->generateCertificateRequest( |
Seth Moore | 19acbe9 | 2021-06-23 15:15:52 -0700 | [diff] [blame] | 575 | testMode, keysToSign_, testEekChain_.chain, challenge_, &deviceInfo, &protectedData, |
David Drysdale | cceca9f | 2021-03-12 15:49:47 +0000 | [diff] [blame] | 576 | &keysToSignMac); |
Frederick Mayle | 9891be0 | 2023-11-03 14:39:24 -0700 | [diff] [blame] | 577 | ASSERT_TRUE(status.isOk()) << status.getDescription(); |
David Drysdale | cceca9f | 2021-03-12 15:49:47 +0000 | [diff] [blame] | 578 | |
Seth Moore | 2fc6f83 | 2022-09-13 16:10:11 -0700 | [diff] [blame] | 579 | auto result = verifyProductionProtectedData( |
| 580 | deviceInfo, cborKeysToSign_, keysToSignMac, protectedData, testEekChain_, eekId_, |
Alice Wang | f112ec9 | 2024-10-08 07:30:28 +0000 | [diff] [blame] | 581 | rpcHardwareInfo.supportedEekCurve, provisionable_.get(), GetParam(), challenge_); |
Seth Moore | 2fc6f83 | 2022-09-13 16:10:11 -0700 | [diff] [blame] | 582 | ASSERT_TRUE(result) << result.message(); |
David Drysdale | cceca9f | 2021-03-12 15:49:47 +0000 | [diff] [blame] | 583 | } |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 584 | } |
| 585 | |
| 586 | /** |
Seth Moore | 19acbe9 | 2021-06-23 15:15:52 -0700 | [diff] [blame] | 587 | * Generate a non-empty certificate request in prod mode. This test must be run explicitly, and |
| 588 | * is not run by default. Not all devices are GMS devices, and therefore they do not all |
| 589 | * trust the Google EEK root. |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 590 | */ |
Seth Moore | 19acbe9 | 2021-06-23 15:15:52 -0700 | [diff] [blame] | 591 | TEST_P(CertificateRequestTest, DISABLED_NonEmptyRequest_prodMode) { |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 592 | bool testMode = false; |
| 593 | generateKeys(testMode, 4 /* numKeys */); |
| 594 | |
Seth Moore | 19acbe9 | 2021-06-23 15:15:52 -0700 | [diff] [blame] | 595 | bytevec keysToSignMac; |
| 596 | DeviceInfo deviceInfo; |
| 597 | ProtectedData protectedData; |
| 598 | auto status = provisionable_->generateCertificateRequest( |
subrahmanyaman | fb213d6 | 2022-02-02 23:10:55 +0000 | [diff] [blame] | 599 | testMode, keysToSign_, getProdEekChain(rpcHardwareInfo.supportedEekCurve), challenge_, |
| 600 | &deviceInfo, &protectedData, &keysToSignMac); |
Seth Moore | 19acbe9 | 2021-06-23 15:15:52 -0700 | [diff] [blame] | 601 | EXPECT_TRUE(status.isOk()); |
David Drysdale | cceca9f | 2021-03-12 15:49:47 +0000 | [diff] [blame] | 602 | } |
| 603 | |
| 604 | /** |
David Drysdale | e99ed86 | 2021-03-15 16:43:06 +0000 | [diff] [blame] | 605 | * Generate a non-empty certificate request in test mode, but with the MAC corrupted on the keypair. |
| 606 | */ |
| 607 | TEST_P(CertificateRequestTest, NonEmptyRequestCorruptMac_testMode) { |
| 608 | bool testMode = true; |
| 609 | generateKeys(testMode, 1 /* numKeys */); |
David Drysdale | 08696a7 | 2022-03-10 10:43:25 +0000 | [diff] [blame] | 610 | auto result = corrupt_maced_key(keysToSign_[0]); |
| 611 | ASSERT_TRUE(result) << result.moveMessage(); |
| 612 | MacedPublicKey keyWithCorruptMac = result.moveValue(); |
David Drysdale | e99ed86 | 2021-03-15 16:43:06 +0000 | [diff] [blame] | 613 | |
| 614 | bytevec keysToSignMac; |
| 615 | DeviceInfo deviceInfo; |
| 616 | ProtectedData protectedData; |
subrahmanyaman | fb213d6 | 2022-02-02 23:10:55 +0000 | [diff] [blame] | 617 | generateTestEekChain(3); |
David Drysdale | e99ed86 | 2021-03-15 16:43:06 +0000 | [diff] [blame] | 618 | auto status = provisionable_->generateCertificateRequest( |
Seth Moore | 19acbe9 | 2021-06-23 15:15:52 -0700 | [diff] [blame] | 619 | testMode, {keyWithCorruptMac}, testEekChain_.chain, challenge_, &deviceInfo, |
| 620 | &protectedData, &keysToSignMac); |
Frederick Mayle | 9891be0 | 2023-11-03 14:39:24 -0700 | [diff] [blame] | 621 | ASSERT_FALSE(status.isOk()) << status.getDescription(); |
David Drysdale | e99ed86 | 2021-03-15 16:43:06 +0000 | [diff] [blame] | 622 | EXPECT_EQ(status.getServiceSpecificError(), BnRemotelyProvisionedComponent::STATUS_INVALID_MAC); |
| 623 | } |
| 624 | |
| 625 | /** |
| 626 | * Generate a non-empty certificate request in prod mode, but with the MAC corrupted on the keypair. |
| 627 | */ |
| 628 | TEST_P(CertificateRequestTest, NonEmptyRequestCorruptMac_prodMode) { |
Seth Moore | 19acbe9 | 2021-06-23 15:15:52 -0700 | [diff] [blame] | 629 | bool testMode = false; |
David Drysdale | e99ed86 | 2021-03-15 16:43:06 +0000 | [diff] [blame] | 630 | generateKeys(testMode, 1 /* numKeys */); |
David Drysdale | 08696a7 | 2022-03-10 10:43:25 +0000 | [diff] [blame] | 631 | auto result = corrupt_maced_key(keysToSign_[0]); |
| 632 | ASSERT_TRUE(result) << result.moveMessage(); |
| 633 | MacedPublicKey keyWithCorruptMac = result.moveValue(); |
David Drysdale | e99ed86 | 2021-03-15 16:43:06 +0000 | [diff] [blame] | 634 | |
| 635 | bytevec keysToSignMac; |
| 636 | DeviceInfo deviceInfo; |
| 637 | ProtectedData protectedData; |
| 638 | auto status = provisionable_->generateCertificateRequest( |
subrahmanyaman | fb213d6 | 2022-02-02 23:10:55 +0000 | [diff] [blame] | 639 | testMode, {keyWithCorruptMac}, getProdEekChain(rpcHardwareInfo.supportedEekCurve), |
| 640 | challenge_, &deviceInfo, &protectedData, &keysToSignMac); |
Frederick Mayle | 9891be0 | 2023-11-03 14:39:24 -0700 | [diff] [blame] | 641 | ASSERT_FALSE(status.isOk()) << status.getDescription(); |
Seth Moore | 19acbe9 | 2021-06-23 15:15:52 -0700 | [diff] [blame] | 642 | EXPECT_EQ(status.getServiceSpecificError(), BnRemotelyProvisionedComponent::STATUS_INVALID_MAC); |
David Drysdale | e99ed86 | 2021-03-15 16:43:06 +0000 | [diff] [blame] | 643 | } |
| 644 | |
| 645 | /** |
David Drysdale | cceca9f | 2021-03-12 15:49:47 +0000 | [diff] [blame] | 646 | * Generate a non-empty certificate request in prod mode that has a corrupt EEK chain. |
| 647 | * Confirm that the request is rejected. |
David Drysdale | cceca9f | 2021-03-12 15:49:47 +0000 | [diff] [blame] | 648 | */ |
| 649 | TEST_P(CertificateRequestTest, NonEmptyCorruptEekRequest_prodMode) { |
| 650 | bool testMode = false; |
| 651 | generateKeys(testMode, 4 /* numKeys */); |
| 652 | |
subrahmanyaman | fb213d6 | 2022-02-02 23:10:55 +0000 | [diff] [blame] | 653 | auto prodEekChain = getProdEekChain(rpcHardwareInfo.supportedEekCurve); |
Seth Moore | 19acbe9 | 2021-06-23 15:15:52 -0700 | [diff] [blame] | 654 | auto [parsedChain, _, parseErr] = cppbor::parse(prodEekChain); |
| 655 | ASSERT_NE(parsedChain, nullptr) << parseErr; |
| 656 | ASSERT_NE(parsedChain->asArray(), nullptr); |
| 657 | |
| 658 | for (int ii = 0; ii < parsedChain->asArray()->size(); ++ii) { |
| 659 | auto chain = corrupt_sig_chain(prodEekChain, ii); |
David Drysdale | cceca9f | 2021-03-12 15:49:47 +0000 | [diff] [blame] | 660 | ASSERT_TRUE(chain) << chain.message(); |
David Drysdale | cceca9f | 2021-03-12 15:49:47 +0000 | [diff] [blame] | 661 | |
| 662 | bytevec keysToSignMac; |
| 663 | DeviceInfo deviceInfo; |
| 664 | ProtectedData protectedData; |
Seth Moore | 19acbe9 | 2021-06-23 15:15:52 -0700 | [diff] [blame] | 665 | auto status = provisionable_->generateCertificateRequest(testMode, keysToSign_, *chain, |
| 666 | challenge_, &deviceInfo, |
| 667 | &protectedData, &keysToSignMac); |
David Drysdale | cceca9f | 2021-03-12 15:49:47 +0000 | [diff] [blame] | 668 | ASSERT_FALSE(status.isOk()); |
| 669 | ASSERT_EQ(status.getServiceSpecificError(), |
| 670 | BnRemotelyProvisionedComponent::STATUS_INVALID_EEK); |
| 671 | } |
| 672 | } |
| 673 | |
| 674 | /** |
| 675 | * Generate a non-empty certificate request in prod mode that has an incomplete EEK chain. |
| 676 | * Confirm that the request is rejected. |
David Drysdale | cceca9f | 2021-03-12 15:49:47 +0000 | [diff] [blame] | 677 | */ |
| 678 | TEST_P(CertificateRequestTest, NonEmptyIncompleteEekRequest_prodMode) { |
| 679 | bool testMode = false; |
| 680 | generateKeys(testMode, 4 /* numKeys */); |
| 681 | |
| 682 | // Build an EEK chain that omits the first self-signed cert. |
| 683 | auto truncatedChain = cppbor::Array(); |
subrahmanyaman | fb213d6 | 2022-02-02 23:10:55 +0000 | [diff] [blame] | 684 | auto [chain, _, parseErr] = cppbor::parse(getProdEekChain(rpcHardwareInfo.supportedEekCurve)); |
David Drysdale | cceca9f | 2021-03-12 15:49:47 +0000 | [diff] [blame] | 685 | ASSERT_TRUE(chain); |
| 686 | auto eekChain = chain->asArray(); |
| 687 | ASSERT_NE(eekChain, nullptr); |
| 688 | for (size_t ii = 1; ii < eekChain->size(); ii++) { |
| 689 | truncatedChain.add(eekChain->get(ii)->clone()); |
| 690 | } |
| 691 | |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 692 | bytevec keysToSignMac; |
Max Bires | fdbb904 | 2021-03-23 12:43:38 -0700 | [diff] [blame] | 693 | DeviceInfo deviceInfo; |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 694 | ProtectedData protectedData; |
David Drysdale | cceca9f | 2021-03-12 15:49:47 +0000 | [diff] [blame] | 695 | auto status = provisionable_->generateCertificateRequest( |
| 696 | testMode, keysToSign_, truncatedChain.encode(), challenge_, &deviceInfo, &protectedData, |
| 697 | &keysToSignMac); |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 698 | ASSERT_FALSE(status.isOk()); |
| 699 | ASSERT_EQ(status.getServiceSpecificError(), BnRemotelyProvisionedComponent::STATUS_INVALID_EEK); |
| 700 | } |
| 701 | |
| 702 | /** |
| 703 | * Generate a non-empty certificate request in test mode, with prod keys. Must fail with |
| 704 | * STATUS_PRODUCTION_KEY_IN_TEST_REQUEST. |
| 705 | */ |
Max Bires | 126869a | 2021-02-21 18:32:59 -0800 | [diff] [blame] | 706 | TEST_P(CertificateRequestTest, NonEmptyRequest_prodKeyInTestCert) { |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 707 | generateKeys(false /* testMode */, 2 /* numKeys */); |
| 708 | |
| 709 | bytevec keysToSignMac; |
Max Bires | fdbb904 | 2021-03-23 12:43:38 -0700 | [diff] [blame] | 710 | DeviceInfo deviceInfo; |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 711 | ProtectedData protectedData; |
subrahmanyaman | fb213d6 | 2022-02-02 23:10:55 +0000 | [diff] [blame] | 712 | generateTestEekChain(3); |
Max Bires | fdbb904 | 2021-03-23 12:43:38 -0700 | [diff] [blame] | 713 | auto status = provisionable_->generateCertificateRequest( |
Seth Moore | 19acbe9 | 2021-06-23 15:15:52 -0700 | [diff] [blame] | 714 | true /* testMode */, keysToSign_, testEekChain_.chain, challenge_, &deviceInfo, |
Max Bires | fdbb904 | 2021-03-23 12:43:38 -0700 | [diff] [blame] | 715 | &protectedData, &keysToSignMac); |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 716 | ASSERT_FALSE(status.isOk()); |
| 717 | ASSERT_EQ(status.getServiceSpecificError(), |
| 718 | BnRemotelyProvisionedComponent::STATUS_PRODUCTION_KEY_IN_TEST_REQUEST); |
| 719 | } |
| 720 | |
| 721 | /** |
| 722 | * Generate a non-empty certificate request in prod mode, with test keys. Must fail with |
| 723 | * STATUS_TEST_KEY_IN_PRODUCTION_REQUEST. |
| 724 | */ |
Max Bires | 126869a | 2021-02-21 18:32:59 -0800 | [diff] [blame] | 725 | TEST_P(CertificateRequestTest, NonEmptyRequest_testKeyInProdCert) { |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 726 | generateKeys(true /* testMode */, 2 /* numKeys */); |
| 727 | |
| 728 | bytevec keysToSignMac; |
Max Bires | fdbb904 | 2021-03-23 12:43:38 -0700 | [diff] [blame] | 729 | DeviceInfo deviceInfo; |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 730 | ProtectedData protectedData; |
subrahmanyaman | fb213d6 | 2022-02-02 23:10:55 +0000 | [diff] [blame] | 731 | generateTestEekChain(3); |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 732 | auto status = provisionable_->generateCertificateRequest( |
Seth Moore | 19acbe9 | 2021-06-23 15:15:52 -0700 | [diff] [blame] | 733 | false /* testMode */, keysToSign_, testEekChain_.chain, challenge_, &deviceInfo, |
David Drysdale | c840077 | 2021-03-11 12:35:11 +0000 | [diff] [blame] | 734 | &protectedData, &keysToSignMac); |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 735 | ASSERT_FALSE(status.isOk()); |
| 736 | ASSERT_EQ(status.getServiceSpecificError(), |
| 737 | BnRemotelyProvisionedComponent::STATUS_TEST_KEY_IN_PRODUCTION_REQUEST); |
| 738 | } |
| 739 | |
| 740 | INSTANTIATE_REM_PROV_AIDL_TEST(CertificateRequestTest); |
| 741 | |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 742 | class CertificateRequestV2Test : public CertificateRequestTestBase { |
| 743 | void SetUp() override { |
| 744 | CertificateRequestTestBase::SetUp(); |
Andrew Scull | 1bcb602 | 2022-12-27 10:43:27 +0000 | [diff] [blame] | 745 | ASSERT_FALSE(HasFatalFailure()); |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 746 | |
Andrew Scull | f2ae193 | 2023-04-24 19:09:09 +0000 | [diff] [blame] | 747 | if (rpcHardwareInfo.versionNumber < VERSION_WITH_CERTIFICATE_REQUEST_V2) { |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 748 | GTEST_SKIP() << "This test case only applies to RKP v3 and above. " |
| 749 | << "RKP version discovered: " << rpcHardwareInfo.versionNumber; |
| 750 | } |
| 751 | } |
| 752 | }; |
| 753 | |
| 754 | /** |
Tommy Chiu | fde3ad1 | 2023-03-17 05:58:28 +0000 | [diff] [blame] | 755 | * Generate an empty certificate request with all possible length of challenge, and decrypt and |
| 756 | * verify the structure and content. |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 757 | */ |
Seth Moore | ac1639f | 2023-04-27 11:14:11 -0700 | [diff] [blame] | 758 | // @VsrTest = 3.10-015 |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 759 | TEST_P(CertificateRequestV2Test, EmptyRequest) { |
| 760 | bytevec csr; |
| 761 | |
Tommy Chiu | fde3ad1 | 2023-03-17 05:58:28 +0000 | [diff] [blame] | 762 | for (auto size = MIN_CHALLENGE_SIZE; size <= MAX_CHALLENGE_SIZE; size++) { |
| 763 | SCOPED_TRACE(testing::Message() << "challenge[" << size << "]"); |
| 764 | auto challenge = randomBytes(size); |
| 765 | auto status = |
| 766 | provisionable_->generateCertificateRequestV2({} /* keysToSign */, challenge, &csr); |
Frederick Mayle | 9891be0 | 2023-11-03 14:39:24 -0700 | [diff] [blame] | 767 | ASSERT_TRUE(status.isOk()) << status.getDescription(); |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 768 | |
Alice Wang | f112ec9 | 2024-10-08 07:30:28 +0000 | [diff] [blame] | 769 | auto result = verifyProductionCsr(cppbor::Array(), csr, provisionable_.get(), GetParam(), |
| 770 | challenge, isRkpVmInstance_); |
Tommy Chiu | fde3ad1 | 2023-03-17 05:58:28 +0000 | [diff] [blame] | 771 | ASSERT_TRUE(result) << result.message(); |
| 772 | } |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 773 | } |
| 774 | |
| 775 | /** |
Tommy Chiu | fde3ad1 | 2023-03-17 05:58:28 +0000 | [diff] [blame] | 776 | * Generate a non-empty certificate request with all possible length of challenge. Decrypt, parse |
| 777 | * and validate the contents. |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 778 | */ |
Seth Moore | ac1639f | 2023-04-27 11:14:11 -0700 | [diff] [blame] | 779 | // @VsrTest = 3.10-015 |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 780 | TEST_P(CertificateRequestV2Test, NonEmptyRequest) { |
| 781 | generateKeys(false /* testMode */, 1 /* numKeys */); |
| 782 | |
| 783 | bytevec csr; |
| 784 | |
Tommy Chiu | fde3ad1 | 2023-03-17 05:58:28 +0000 | [diff] [blame] | 785 | for (auto size = MIN_CHALLENGE_SIZE; size <= MAX_CHALLENGE_SIZE; size++) { |
| 786 | SCOPED_TRACE(testing::Message() << "challenge[" << size << "]"); |
| 787 | auto challenge = randomBytes(size); |
| 788 | auto status = provisionable_->generateCertificateRequestV2(keysToSign_, challenge, &csr); |
Frederick Mayle | 9891be0 | 2023-11-03 14:39:24 -0700 | [diff] [blame] | 789 | ASSERT_TRUE(status.isOk()) << status.getDescription(); |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 790 | |
Alice Wang | f112ec9 | 2024-10-08 07:30:28 +0000 | [diff] [blame] | 791 | auto result = verifyProductionCsr(cborKeysToSign_, csr, provisionable_.get(), GetParam(), |
| 792 | challenge, isRkpVmInstance_); |
Tommy Chiu | fde3ad1 | 2023-03-17 05:58:28 +0000 | [diff] [blame] | 793 | ASSERT_TRUE(result) << result.message(); |
| 794 | } |
| 795 | } |
| 796 | |
| 797 | /** |
| 798 | * Generate an empty certificate request with invalid size of challenge |
| 799 | */ |
| 800 | TEST_P(CertificateRequestV2Test, EmptyRequestWithInvalidChallengeFail) { |
| 801 | bytevec csr; |
| 802 | |
| 803 | auto status = provisionable_->generateCertificateRequestV2( |
| 804 | /* keysToSign */ {}, randomBytes(MAX_CHALLENGE_SIZE + 1), &csr); |
Frederick Mayle | 9891be0 | 2023-11-03 14:39:24 -0700 | [diff] [blame] | 805 | EXPECT_FALSE(status.isOk()) << status.getDescription(); |
Tommy Chiu | fde3ad1 | 2023-03-17 05:58:28 +0000 | [diff] [blame] | 806 | EXPECT_EQ(status.getServiceSpecificError(), BnRemotelyProvisionedComponent::STATUS_FAILED); |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 807 | } |
| 808 | |
| 809 | /** |
Andrew Scull | fb49ad2 | 2022-11-09 21:02:48 +0000 | [diff] [blame] | 810 | * Generate a non-empty certificate request. Make sure contents are reproducible but allow for the |
| 811 | * signature to be different since algorithms including ECDSA P-256 can include a random value. |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 812 | */ |
Seth Moore | ac1639f | 2023-04-27 11:14:11 -0700 | [diff] [blame] | 813 | // @VsrTest = 3.10-015 |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 814 | TEST_P(CertificateRequestV2Test, NonEmptyRequestReproducible) { |
| 815 | generateKeys(false /* testMode */, 1 /* numKeys */); |
| 816 | |
| 817 | bytevec csr; |
| 818 | |
| 819 | auto status = provisionable_->generateCertificateRequestV2(keysToSign_, challenge_, &csr); |
Frederick Mayle | 9891be0 | 2023-11-03 14:39:24 -0700 | [diff] [blame] | 820 | ASSERT_TRUE(status.isOk()) << status.getDescription(); |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 821 | |
Alice Wang | f112ec9 | 2024-10-08 07:30:28 +0000 | [diff] [blame] | 822 | auto firstCsr = verifyProductionCsr(cborKeysToSign_, csr, provisionable_.get(), GetParam(), |
| 823 | challenge_, isRkpVmInstance_); |
Andrew Scull | fb49ad2 | 2022-11-09 21:02:48 +0000 | [diff] [blame] | 824 | ASSERT_TRUE(firstCsr) << firstCsr.message(); |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 825 | |
| 826 | status = provisionable_->generateCertificateRequestV2(keysToSign_, challenge_, &csr); |
Frederick Mayle | 9891be0 | 2023-11-03 14:39:24 -0700 | [diff] [blame] | 827 | ASSERT_TRUE(status.isOk()) << status.getDescription(); |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 828 | |
Alice Wang | f112ec9 | 2024-10-08 07:30:28 +0000 | [diff] [blame] | 829 | auto secondCsr = verifyProductionCsr(cborKeysToSign_, csr, provisionable_.get(), GetParam(), |
| 830 | challenge_, isRkpVmInstance_); |
Andrew Scull | fb49ad2 | 2022-11-09 21:02:48 +0000 | [diff] [blame] | 831 | ASSERT_TRUE(secondCsr) << secondCsr.message(); |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 832 | |
Andrew Scull | fb49ad2 | 2022-11-09 21:02:48 +0000 | [diff] [blame] | 833 | ASSERT_EQ(**firstCsr, **secondCsr); |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 834 | } |
| 835 | |
| 836 | /** |
| 837 | * Generate a non-empty certificate request with multiple keys. |
| 838 | */ |
Seth Moore | ac1639f | 2023-04-27 11:14:11 -0700 | [diff] [blame] | 839 | // @VsrTest = 3.10-015 |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 840 | TEST_P(CertificateRequestV2Test, NonEmptyRequestMultipleKeys) { |
Tri Vo | 9cab73c | 2022-10-28 13:40:24 -0700 | [diff] [blame] | 841 | generateKeys(false /* testMode */, rpcHardwareInfo.supportedNumKeysInCsr /* numKeys */); |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 842 | |
| 843 | bytevec csr; |
| 844 | |
| 845 | auto status = provisionable_->generateCertificateRequestV2(keysToSign_, challenge_, &csr); |
Frederick Mayle | 9891be0 | 2023-11-03 14:39:24 -0700 | [diff] [blame] | 846 | ASSERT_TRUE(status.isOk()) << status.getDescription(); |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 847 | |
Alice Wang | f112ec9 | 2024-10-08 07:30:28 +0000 | [diff] [blame] | 848 | auto result = verifyProductionCsr(cborKeysToSign_, csr, provisionable_.get(), GetParam(), |
| 849 | challenge_, isRkpVmInstance_); |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 850 | ASSERT_TRUE(result) << result.message(); |
| 851 | } |
| 852 | |
| 853 | /** |
| 854 | * Generate a non-empty certificate request, but with the MAC corrupted on the keypair. |
| 855 | */ |
| 856 | TEST_P(CertificateRequestV2Test, NonEmptyRequestCorruptMac) { |
| 857 | generateKeys(false /* testMode */, 1 /* numKeys */); |
| 858 | auto result = corrupt_maced_key(keysToSign_[0]); |
| 859 | ASSERT_TRUE(result) << result.moveMessage(); |
| 860 | MacedPublicKey keyWithCorruptMac = result.moveValue(); |
| 861 | |
| 862 | bytevec csr; |
| 863 | auto status = |
| 864 | provisionable_->generateCertificateRequestV2({keyWithCorruptMac}, challenge_, &csr); |
Frederick Mayle | 9891be0 | 2023-11-03 14:39:24 -0700 | [diff] [blame] | 865 | ASSERT_FALSE(status.isOk()) << status.getDescription(); |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 866 | EXPECT_EQ(status.getServiceSpecificError(), BnRemotelyProvisionedComponent::STATUS_INVALID_MAC); |
| 867 | } |
| 868 | |
| 869 | /** |
Andrew Scull | f2ae193 | 2023-04-24 19:09:09 +0000 | [diff] [blame] | 870 | * Call generateCertificateRequest(). Make sure it's removed. |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 871 | */ |
Andrew Scull | f2ae193 | 2023-04-24 19:09:09 +0000 | [diff] [blame] | 872 | TEST_P(CertificateRequestV2Test, CertificateRequestV1Removed_prodMode) { |
| 873 | bytevec keysToSignMac; |
| 874 | DeviceInfo deviceInfo; |
| 875 | ProtectedData protectedData; |
| 876 | auto status = provisionable_->generateCertificateRequest( |
| 877 | false /* testMode */, {} /* keysToSign */, {} /* EEK chain */, challenge_, &deviceInfo, |
| 878 | &protectedData, &keysToSignMac); |
Frederick Mayle | 9891be0 | 2023-11-03 14:39:24 -0700 | [diff] [blame] | 879 | ASSERT_FALSE(status.isOk()) << status.getDescription(); |
Andrew Scull | f2ae193 | 2023-04-24 19:09:09 +0000 | [diff] [blame] | 880 | EXPECT_EQ(status.getServiceSpecificError(), BnRemotelyProvisionedComponent::STATUS_REMOVED); |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 881 | } |
| 882 | |
Andrew Scull | 95b3131 | 2023-03-27 19:16:07 +0000 | [diff] [blame] | 883 | /** |
Andrew Scull | f2ae193 | 2023-04-24 19:09:09 +0000 | [diff] [blame] | 884 | * Call generateCertificateRequest() in test mode. Make sure it's removed. |
Andrew Scull | 95b3131 | 2023-03-27 19:16:07 +0000 | [diff] [blame] | 885 | */ |
Andrew Scull | f2ae193 | 2023-04-24 19:09:09 +0000 | [diff] [blame] | 886 | TEST_P(CertificateRequestV2Test, CertificateRequestV1Removed_testMode) { |
Andrew Scull | 95b3131 | 2023-03-27 19:16:07 +0000 | [diff] [blame] | 887 | bytevec keysToSignMac; |
| 888 | DeviceInfo deviceInfo; |
| 889 | ProtectedData protectedData; |
| 890 | auto status = provisionable_->generateCertificateRequest( |
| 891 | true /* testMode */, {} /* keysToSign */, {} /* EEK chain */, challenge_, &deviceInfo, |
| 892 | &protectedData, &keysToSignMac); |
Frederick Mayle | 9891be0 | 2023-11-03 14:39:24 -0700 | [diff] [blame] | 893 | ASSERT_FALSE(status.isOk()) << status.getDescription(); |
Andrew Scull | 95b3131 | 2023-03-27 19:16:07 +0000 | [diff] [blame] | 894 | EXPECT_EQ(status.getServiceSpecificError(), BnRemotelyProvisionedComponent::STATUS_REMOVED); |
| 895 | } |
| 896 | |
Tri Vo | ec50ee1 | 2023-02-14 16:29:53 -0800 | [diff] [blame] | 897 | void parse_root_of_trust(const vector<uint8_t>& attestation_cert, |
| 898 | vector<uint8_t>* verified_boot_key, VerifiedBoot* verified_boot_state, |
| 899 | bool* device_locked, vector<uint8_t>* verified_boot_hash) { |
| 900 | X509_Ptr cert(parse_cert_blob(attestation_cert)); |
| 901 | ASSERT_TRUE(cert.get()); |
| 902 | |
| 903 | ASN1_OCTET_STRING* attest_rec = get_attestation_record(cert.get()); |
| 904 | ASSERT_TRUE(attest_rec); |
| 905 | |
| 906 | auto error = parse_root_of_trust(attest_rec->data, attest_rec->length, verified_boot_key, |
| 907 | verified_boot_state, device_locked, verified_boot_hash); |
| 908 | ASSERT_EQ(error, ErrorCode::OK); |
| 909 | } |
| 910 | |
| 911 | /** |
| 912 | * Generate a CSR and verify DeviceInfo against IDs attested by KeyMint. |
| 913 | */ |
Seth Moore | ac1639f | 2023-04-27 11:14:11 -0700 | [diff] [blame] | 914 | // @VsrTest = 3.10-015 |
Tri Vo | ec50ee1 | 2023-02-14 16:29:53 -0800 | [diff] [blame] | 915 | TEST_P(CertificateRequestV2Test, DeviceInfo) { |
| 916 | // See if there is a matching IKeyMintDevice for this IRemotelyProvisionedComponent. |
| 917 | std::shared_ptr<IKeyMintDevice> keyMint; |
| 918 | if (!matching_keymint_device(GetParam(), &keyMint)) { |
| 919 | // No matching IKeyMintDevice. |
| 920 | GTEST_SKIP() << "Skipping key use test as no matching KeyMint device found"; |
| 921 | return; |
| 922 | } |
| 923 | KeyMintHardwareInfo info; |
| 924 | ASSERT_TRUE(keyMint->getHardwareInfo(&info).isOk()); |
| 925 | |
| 926 | // Get IDs attested by KeyMint. |
| 927 | MacedPublicKey macedPubKey; |
| 928 | bytevec privateKeyBlob; |
| 929 | auto irpcStatus = |
| 930 | provisionable_->generateEcdsaP256KeyPair(false, &macedPubKey, &privateKeyBlob); |
| 931 | ASSERT_TRUE(irpcStatus.isOk()); |
| 932 | |
| 933 | AttestationKey attestKey; |
| 934 | attestKey.keyBlob = std::move(privateKeyBlob); |
| 935 | attestKey.issuerSubjectName = make_name_from_str("Android Keystore Key"); |
| 936 | |
| 937 | // Generate an ECDSA key that is attested by the generated P256 keypair. |
| 938 | AuthorizationSet keyDesc = AuthorizationSetBuilder() |
| 939 | .Authorization(TAG_NO_AUTH_REQUIRED) |
| 940 | .EcdsaSigningKey(EcCurve::P_256) |
| 941 | .AttestationChallenge("foo") |
| 942 | .AttestationApplicationId("bar") |
| 943 | .Digest(Digest::NONE) |
| 944 | .SetDefaultValidity(); |
| 945 | KeyCreationResult creationResult; |
| 946 | auto kmStatus = keyMint->generateKey(keyDesc.vector_data(), attestKey, &creationResult); |
| 947 | ASSERT_TRUE(kmStatus.isOk()); |
| 948 | |
| 949 | vector<KeyCharacteristics> key_characteristics = std::move(creationResult.keyCharacteristics); |
| 950 | vector<Certificate> key_cert_chain = std::move(creationResult.certificateChain); |
| 951 | // We didn't provision the attestation key. |
| 952 | ASSERT_EQ(key_cert_chain.size(), 1); |
| 953 | |
| 954 | // Parse attested patch levels. |
| 955 | auto auths = HwEnforcedAuthorizations(key_characteristics); |
| 956 | |
| 957 | auto attestedSystemPatchLevel = auths.GetTagValue(TAG_OS_PATCHLEVEL); |
| 958 | auto attestedVendorPatchLevel = auths.GetTagValue(TAG_VENDOR_PATCHLEVEL); |
| 959 | auto attestedBootPatchLevel = auths.GetTagValue(TAG_BOOT_PATCHLEVEL); |
| 960 | |
| 961 | ASSERT_TRUE(attestedSystemPatchLevel.has_value()); |
| 962 | ASSERT_TRUE(attestedVendorPatchLevel.has_value()); |
| 963 | ASSERT_TRUE(attestedBootPatchLevel.has_value()); |
| 964 | |
| 965 | // Parse attested AVB values. |
| 966 | vector<uint8_t> key; |
| 967 | VerifiedBoot attestedVbState; |
| 968 | bool attestedBootloaderState; |
| 969 | vector<uint8_t> attestedVbmetaDigest; |
| 970 | parse_root_of_trust(key_cert_chain[0].encodedCertificate, &key, &attestedVbState, |
| 971 | &attestedBootloaderState, &attestedVbmetaDigest); |
| 972 | |
| 973 | // Get IDs from DeviceInfo. |
| 974 | bytevec csr; |
| 975 | irpcStatus = |
| 976 | provisionable_->generateCertificateRequestV2({} /* keysToSign */, challenge_, &csr); |
Frederick Mayle | 9891be0 | 2023-11-03 14:39:24 -0700 | [diff] [blame] | 977 | ASSERT_TRUE(irpcStatus.isOk()) << irpcStatus.getDescription(); |
Tri Vo | ec50ee1 | 2023-02-14 16:29:53 -0800 | [diff] [blame] | 978 | |
Alice Wang | f112ec9 | 2024-10-08 07:30:28 +0000 | [diff] [blame] | 979 | auto result = |
| 980 | verifyProductionCsr(cppbor::Array(), csr, provisionable_.get(), GetParam(), challenge_); |
Tri Vo | ec50ee1 | 2023-02-14 16:29:53 -0800 | [diff] [blame] | 981 | ASSERT_TRUE(result) << result.message(); |
| 982 | |
| 983 | std::unique_ptr<cppbor::Array> csrPayload = std::move(*result); |
| 984 | ASSERT_TRUE(csrPayload); |
| 985 | |
| 986 | auto deviceInfo = csrPayload->get(2)->asMap(); |
| 987 | ASSERT_TRUE(deviceInfo); |
| 988 | |
| 989 | auto vbState = deviceInfo->get("vb_state")->asTstr(); |
| 990 | auto bootloaderState = deviceInfo->get("bootloader_state")->asTstr(); |
| 991 | auto vbmetaDigest = deviceInfo->get("vbmeta_digest")->asBstr(); |
| 992 | auto systemPatchLevel = deviceInfo->get("system_patch_level")->asUint(); |
| 993 | auto vendorPatchLevel = deviceInfo->get("vendor_patch_level")->asUint(); |
| 994 | auto bootPatchLevel = deviceInfo->get("boot_patch_level")->asUint(); |
| 995 | auto securityLevel = deviceInfo->get("security_level")->asTstr(); |
| 996 | |
| 997 | ASSERT_TRUE(vbState); |
| 998 | ASSERT_TRUE(bootloaderState); |
| 999 | ASSERT_TRUE(vbmetaDigest); |
| 1000 | ASSERT_TRUE(systemPatchLevel); |
| 1001 | ASSERT_TRUE(vendorPatchLevel); |
| 1002 | ASSERT_TRUE(bootPatchLevel); |
| 1003 | ASSERT_TRUE(securityLevel); |
| 1004 | |
| 1005 | auto kmDeviceName = device_suffix(GetParam()); |
| 1006 | |
| 1007 | // Compare DeviceInfo against IDs attested by KeyMint. |
| 1008 | ASSERT_TRUE((securityLevel->value() == "tee" && kmDeviceName == "default") || |
| 1009 | (securityLevel->value() == "strongbox" && kmDeviceName == "strongbox")); |
| 1010 | ASSERT_TRUE((vbState->value() == "green" && attestedVbState == VerifiedBoot::VERIFIED) || |
| 1011 | (vbState->value() == "yellow" && attestedVbState == VerifiedBoot::SELF_SIGNED) || |
| 1012 | (vbState->value() == "orange" && attestedVbState == VerifiedBoot::UNVERIFIED)); |
| 1013 | ASSERT_TRUE((bootloaderState->value() == "locked" && attestedBootloaderState) || |
| 1014 | (bootloaderState->value() == "unlocked" && !attestedBootloaderState)); |
| 1015 | ASSERT_EQ(vbmetaDigest->value(), attestedVbmetaDigest); |
| 1016 | ASSERT_EQ(systemPatchLevel->value(), attestedSystemPatchLevel.value()); |
| 1017 | ASSERT_EQ(vendorPatchLevel->value(), attestedVendorPatchLevel.value()); |
| 1018 | ASSERT_EQ(bootPatchLevel->value(), attestedBootPatchLevel.value()); |
| 1019 | } |
| 1020 | |
Tri Vo | 0d6204e | 2022-09-29 16:15:34 -0700 | [diff] [blame] | 1021 | INSTANTIATE_REM_PROV_AIDL_TEST(CertificateRequestV2Test); |
| 1022 | |
Max Bires | a9b3bb9 | 2022-11-21 23:02:09 -0800 | [diff] [blame] | 1023 | using VsrRequirementTest = VtsRemotelyProvisionedComponentTests; |
| 1024 | |
| 1025 | INSTANTIATE_REM_PROV_AIDL_TEST(VsrRequirementTest); |
| 1026 | |
| 1027 | TEST_P(VsrRequirementTest, VsrEnforcementTest) { |
| 1028 | RpcHardwareInfo hwInfo; |
| 1029 | ASSERT_TRUE(provisionable_->getHardwareInfo(&hwInfo).isOk()); |
| 1030 | int vsr_api_level = get_vsr_api_level(); |
| 1031 | if (vsr_api_level < 34) { |
| 1032 | GTEST_SKIP() << "Applies only to VSR API level 34 or newer, this device is: " |
| 1033 | << vsr_api_level; |
| 1034 | } |
| 1035 | EXPECT_GE(hwInfo.versionNumber, 3) |
| 1036 | << "VSR 14+ requires IRemotelyProvisionedComponent v3 or newer."; |
| 1037 | } |
| 1038 | |
Shawn Willden | 274bb55 | 2020-09-30 22:39:22 -0600 | [diff] [blame] | 1039 | } // namespace aidl::android::hardware::security::keymint::test |