/*
 * Copyright (C) 2019 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
16
17#define LOG_TAG "VtsAttestationTests"
18
19#include <aidl/Gtest.h>
20#include <aidl/Vintf.h>
21#include <android-base/logging.h>
22#include <android/hardware/identity/IIdentityCredentialStore.h>
23#include <android/hardware/identity/support/IdentityCredentialSupport.h>
24#include <binder/IServiceManager.h>
25#include <binder/ProcessState.h>
26#include <cppbor.h>
27#include <cppbor_parse.h>
28#include <gtest/gtest.h>
29#include <future>
30#include <map>
31
32#include "VtsAttestationParserSupport.h"
33#include "VtsIdentityTestUtils.h"
34
35namespace android::hardware::identity {
36
37using std::endl;
38using std::map;
39using std::optional;
40using std::string;
41using std::vector;
42
43using ::android::sp;
44using ::android::String16;
45using ::android::binder::Status;
46
47using test_utils::AttestationCertificateParser;
48using test_utils::setupWritableCredential;
49using test_utils::validateAttestationCertificate;
50
// The tests in this file verify the attestation certificate produced by the
// Identity Credential HAL.

// Test fixture, parameterized on the name of the IIdentityCredentialStore
// instance to exercise. Each test obtains its own writable credential from
// credentialStore_.
class VtsAttestationTests : public testing::TestWithParam<std::string> {
  public:
    // Resolves the credential store named by the test parameter. The assertion
    // ends the test early when no service handle is returned, so test bodies
    // can dereference credentialStore_ without a further null check.
    virtual void SetUp() override {
        const String16 instanceName(GetParam().c_str());
        credentialStore_ =
                android::waitForDeclaredService<IIdentityCredentialStore>(instanceName);
        ASSERT_NE(credentialStore_, nullptr);
    }

    // Handle to the HAL instance under test; assigned in SetUp().
    sp<IIdentityCredentialStore> credentialStore_;
};
63
// Requests an attestation certificate with a zero-length challenge and a
// zero-length application id, and expects the call to succeed and the returned
// certificates to pass validateAttestationCertificate().
// NOTE(review): an empty challenge gives the certificate no caller-chosen value
// to echo, so this case cannot demonstrate freshness; confirm that the HAL
// contract for the version under test permits an empty challenge.
TEST_P(VtsAttestationTests, verifyAttestationWithEmptyChallengeEmptyId) {
    // The hardware information is passed to the validator below.
    HardwareInformation hardwareInfo;
    ASSERT_TRUE(credentialStore_->getHardwareInformation(&hardwareInfo).isOk());

    sp<IWritableIdentityCredential> credential;
    ASSERT_TRUE(test_utils::setupWritableCredential(credential, credentialStore_));

    // Both inputs are deliberately left empty.
    vector<uint8_t> challengeBytes;
    vector<uint8_t> applicationIdBytes;
    vector<Certificate> certificateChain;

    const Status status = credential->getAttestationCertificate(
            applicationIdBytes, challengeBytes, &certificateChain);

    // Stop on failure: the output vector is only inspected after a successful call.
    ASSERT_TRUE(status.isOk()) << status.exceptionCode() << "; " << status.exceptionMessage()
                               << endl;

    // The validator lives in the test utilities; what it checks is not visible
    // here, but it receives the same challenge and application id that were sent.
    EXPECT_TRUE(validateAttestationCertificate(certificateChain, challengeBytes,
                                               applicationIdBytes, hardwareInfo));
}
85
// Requests an attestation certificate with a zero-length challenge and a
// non-empty application id, and expects the call to succeed and the returned
// certificates to pass validateAttestationCertificate().
// NOTE(review): as with any empty challenge, the certificate cannot be tied to
// a caller-chosen value; confirm the HAL contract allows this input.
TEST_P(VtsAttestationTests, verifyAttestationWithEmptyChallengeNonemptyId) {
    // The hardware information is passed to the validator below.
    HardwareInformation hardwareInfo;
    ASSERT_TRUE(credentialStore_->getHardwareInformation(&hardwareInfo).isOk());

    sp<IWritableIdentityCredential> credential;
    ASSERT_TRUE(setupWritableCredential(credential, credentialStore_));

    // Challenge stays empty; the application id is the raw bytes of a fixed string.
    vector<uint8_t> challengeBytes;
    string applicationIdText = "Attestation Verification";
    vector<uint8_t> applicationIdBytes(applicationIdText.begin(), applicationIdText.end());
    vector<Certificate> certificateChain;

    const Status status = credential->getAttestationCertificate(
            applicationIdBytes, challengeBytes, &certificateChain);

    // Stop on failure: the output vector is only inspected after a successful call.
    ASSERT_TRUE(status.isOk()) << status.exceptionCode() << "; " << status.exceptionMessage()
                               << endl;

    // The validator receives the same challenge and application id that were sent.
    EXPECT_TRUE(validateAttestationCertificate(certificateChain, challengeBytes,
                                               applicationIdBytes, hardwareInfo));
}
108
// Requests an attestation certificate with a non-empty challenge and a
// zero-length application id, and expects the call to succeed and the returned
// certificates to pass validateAttestationCertificate().
TEST_P(VtsAttestationTests, verifyAttestationWithNonemptyChallengeEmptyId) {
    // The hardware information is passed to the validator below.
    HardwareInformation hardwareInfo;
    ASSERT_TRUE(credentialStore_->getHardwareInformation(&hardwareInfo).isOk());

    sp<IWritableIdentityCredential> credential;
    ASSERT_TRUE(setupWritableCredential(credential, credentialStore_));

    // A fixed challenge keeps the test deterministic. It is predictable by
    // design; the test only needs a known value to hand to the validator.
    string challengeText = "NotSoRandomChallenge";
    vector<uint8_t> challengeBytes(challengeText.begin(), challengeText.end());
    vector<uint8_t> applicationIdBytes;
    vector<Certificate> certificateChain;

    const Status status = credential->getAttestationCertificate(
            applicationIdBytes, challengeBytes, &certificateChain);

    // Stop on failure: the output vector is only inspected after a successful call.
    ASSERT_TRUE(status.isOk()) << status.exceptionCode() << "; " << status.exceptionMessage()
                               << endl;

    // The validator receives the same challenge and application id that were sent.
    EXPECT_TRUE(validateAttestationCertificate(certificateChain, challengeBytes,
                                               applicationIdBytes, hardwareInfo));
}
132
// Requests an attestation certificate with a longer (63-byte) challenge and a
// non-empty application id, and expects the call to succeed and the returned
// certificates to pass validateAttestationCertificate().
TEST_P(VtsAttestationTests, verifyAttestationWithNonemptyChallengeNonemptyId) {
    // The hardware information is passed to the validator below.
    HardwareInformation hardwareInfo;
    ASSERT_TRUE(credentialStore_->getHardwareInformation(&hardwareInfo).isOk());

    sp<IWritableIdentityCredential> credential;
    ASSERT_TRUE(setupWritableCredential(credential, credentialStore_));

    // Fixed inputs keep the test deterministic; the challenge is predictable by
    // design and serves only as a known value for the validator.
    string challengeText = "NotSoRandomChallenge1NotSoRandomChallenge1NotSoRandomChallenge1";
    vector<uint8_t> challengeBytes(challengeText.begin(), challengeText.end());
    string applicationIdText = "Attestation Verification";
    vector<uint8_t> applicationIdBytes(applicationIdText.begin(), applicationIdText.end());
    vector<Certificate> certificateChain;

    const Status status = credential->getAttestationCertificate(
            applicationIdBytes, challengeBytes, &certificateChain);

    // Stop on failure: the output vector is only inspected after a successful call.
    ASSERT_TRUE(status.isOk()) << status.exceptionCode() << "; " << status.exceptionMessage()
                               << endl;

    // The validator receives the same challenge and application id that were sent.
    EXPECT_TRUE(validateAttestationCertificate(certificateChain, challengeBytes,
                                               applicationIdBytes, hardwareInfo));
}
157
// Boundary case: requests an attestation certificate with a one-byte challenge
// and a one-byte application id, and expects the call to succeed and the
// returned certificates to pass validateAttestationCertificate().
TEST_P(VtsAttestationTests, verifyAttestationWithVeryShortChallengeAndId) {
    // The hardware information is passed to the validator below.
    HardwareInformation hardwareInfo;
    ASSERT_TRUE(credentialStore_->getHardwareInformation(&hardwareInfo).isOk());

    sp<IWritableIdentityCredential> credential;
    ASSERT_TRUE(setupWritableCredential(credential, credentialStore_));

    // Single-character inputs: the shortest non-empty values.
    string challengeText = "c";
    vector<uint8_t> challengeBytes(challengeText.begin(), challengeText.end());
    string applicationIdText = "i";
    vector<uint8_t> applicationIdBytes(applicationIdText.begin(), applicationIdText.end());
    vector<Certificate> certificateChain;

    const Status status = credential->getAttestationCertificate(
            applicationIdBytes, challengeBytes, &certificateChain);

    // Stop on failure: the output vector is only inspected after a successful call.
    ASSERT_TRUE(status.isOk()) << status.exceptionCode() << "; " << status.exceptionMessage()
                               << endl;

    // The validator receives the same challenge and application id that were sent.
    EXPECT_TRUE(validateAttestationCertificate(certificateChain, challengeBytes,
                                               applicationIdBytes, hardwareInfo));
}
182
// Instantiates the suite once per instance name that getAidlHalInstanceNames()
// returns for the IIdentityCredentialStore descriptor; each name becomes the
// GetParam() value that SetUp() resolves to a service handle.
// PrintInstanceNameToString supplies the per-instance test-name suffix.
INSTANTIATE_TEST_SUITE_P(Identity, VtsAttestationTests,
                         testing::ValuesIn(android::getAidlHalInstanceNames(
                                 IIdentityCredentialStore::descriptor)),
                         android::PrintInstanceNameToString);
187
188} // namespace android::hardware::identity