Gitiles
Code Review Sign In
gerrit.omnirom.org / android_hardware_libhardware / 3a49cd8b15a854ef18aae96a8f32dcd403aa81a8 / . / tests / keymaster / keymaster_test.cpp
blob: dd24fcbaad6b58aca0aca84720b778401f3da970 [file] [log] [blame]
Kenny Root4fd0db72012-03-16 13:19:07 -0700[diff] [blame]1/*
2 * Copyright (C) 2012 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#define LOG_TAG "keymaster_test"
18#include <utils/Log.h>
Kenny Rootcaf62bd2012-03-22 16:33:37 -0700[diff] [blame]19#include <utils/UniquePtr.h>
Kenny Root4fd0db72012-03-16 13:19:07 -0700[diff] [blame]20
21#include <hardware/keymaster.h>
22
23#include <gtest/gtest.h>
24
Kenny Root8467a6d2012-08-08 17:04:40 -0700[diff] [blame]25#include <openssl/bn.h>
26#include <openssl/evp.h>
27#include <openssl/x509.h>
28
Kenny Root4fd0db72012-03-16 13:19:07 -0700[diff] [blame]29#include <fstream>
30#include <iostream>
Kenny Root4fd0db72012-03-16 13:19:07 -0700[diff] [blame]31
32namespace android {
33
34class UniqueBlob : public UniquePtr<uint8_t[]> {
35public:
36 UniqueBlob(uint8_t* bytes, size_t length) :
37 UniquePtr<uint8_t[]>(bytes), mLength(length) {
38 }
39
40 bool operator==(const UniqueBlob &other) const {
41 if (other.length() != mLength) {
42 return false;
43 }
44
45 const uint8_t* mine = get();
46 const uint8_t* theirs = other.get();
47
48 for (size_t i = 0; i < mLength; i++) {
49 if (mine[i] != theirs[i]) {
50 return false;
51 }
52 }
53
54 return true;
55 }
56
57 size_t length() const {
58 return mLength;
59 }
60
61 friend std::ostream &operator<<(std::ostream &stream, const UniqueBlob& blob);
62
63private:
64 size_t mLength;
65};
66
67std::ostream &operator<<(std::ostream &stream, const UniqueBlob& blob) {
68 const size_t length = blob.mLength;
69 stream << "Blob length=" << length << " < ";
70
71 const uint8_t* data = blob.get();
72 for (size_t i = 0; i < length; i++) {
73 stream << std::hex << std::setw(2) << std::setfill('0')
74 << static_cast<unsigned int>(data[i]) << ' ';
75 }
76 stream << '>' << std::endl;
77
78 return stream;
79}
80
81class UniqueKey : public UniqueBlob {
82public:
83 UniqueKey(keymaster_device_t** dev, uint8_t* bytes, size_t length) :
84 UniqueBlob(bytes, length), mDevice(dev) {
85 }
86
87 ~UniqueKey() {
88 if (mDevice != NULL && *mDevice != NULL) {
89 keymaster_device_t* dev = *mDevice;
90 if (dev->delete_keypair != NULL) {
91 dev->delete_keypair(dev, get(), length());
92 }
93 }
94 }
95
96private:
97 keymaster_device_t** mDevice;
98};
99
Kenny Root8467a6d2012-08-08 17:04:40 -0700[diff] [blame]100struct BIGNUM_Delete {
101 void operator()(BIGNUM* p) const {
102 BN_free(p);
103 }
104};
105typedef UniquePtr<BIGNUM, BIGNUM_Delete> Unique_BIGNUM;
106
107struct EVP_PKEY_Delete {
108 void operator()(EVP_PKEY* p) const {
109 EVP_PKEY_free(p);
110 }
111};
112typedef UniquePtr<EVP_PKEY, EVP_PKEY_Delete> Unique_EVP_PKEY;
113
114struct PKCS8_PRIV_KEY_INFO_Delete {
115 void operator()(PKCS8_PRIV_KEY_INFO* p) const {
116 PKCS8_PRIV_KEY_INFO_free(p);
117 }
118};
119typedef UniquePtr<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_Delete> Unique_PKCS8_PRIV_KEY_INFO;
120
121struct RSA_Delete {
122 void operator()(RSA* p) const {
123 RSA_free(p);
124 }
125};
126typedef UniquePtr<RSA, RSA_Delete> Unique_RSA;
127
Kenny Root4fd0db72012-03-16 13:19:07 -0700[diff] [blame]128/*
129 * DER-encoded PKCS#8 format RSA key. Generated using:
130 *
131 * openssl genrsa 2048 | openssl pkcs8 -topk8 -nocrypt -outform der | recode ../x1
132 */
133static uint8_t TEST_KEY_1[] = {
134 0x30, 0x82, 0x04, 0xBE, 0x02, 0x01, 0x00, 0x30, 0x0D, 0x06, 0x09, 0x2A,
135 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
136 0x04, 0xA8, 0x30, 0x82, 0x04, 0xA4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01,
137 0x01, 0x00, 0xD8, 0x58, 0xD4, 0x9F, 0xC0, 0xE8, 0xF0, 0xFF, 0x87, 0x27,
138 0x43, 0xE6, 0x2E, 0xE6, 0x9A, 0x42, 0x3B, 0x39, 0x94, 0x84, 0x43, 0x55,
139 0x8D, 0x20, 0x5B, 0x71, 0x88, 0xE6, 0xD1, 0x62, 0xC8, 0xF2, 0x20, 0xD0,
140 0x75, 0x13, 0x83, 0xA3, 0x5D, 0x19, 0xA8, 0x62, 0xD0, 0x5F, 0x3E, 0x8A,
141 0x7C, 0x0E, 0x26, 0xA9, 0xFF, 0xB2, 0x5E, 0x63, 0xAA, 0x3C, 0x8D, 0x13,
142 0x41, 0xAA, 0xD5, 0x03, 0x01, 0x01, 0x53, 0xC9, 0x02, 0x1C, 0xEC, 0xE8,
143 0xC4, 0x70, 0x3F, 0x43, 0xE5, 0x51, 0xD0, 0x6E, 0x52, 0x0B, 0xC4, 0x0A,
144 0xA3, 0x61, 0xDE, 0xE3, 0x72, 0x0C, 0x94, 0xF1, 0x1C, 0x2D, 0x36, 0x77,
145 0xBB, 0x16, 0xA8, 0x63, 0x4B, 0xD1, 0x07, 0x00, 0x42, 0x2D, 0x2B, 0x10,
146 0x80, 0x45, 0xF3, 0x0C, 0xF9, 0xC5, 0xAC, 0xCC, 0x64, 0x87, 0xFD, 0x5D,
147 0xC8, 0x51, 0xD4, 0x1C, 0x9E, 0x6E, 0x9B, 0xC4, 0x27, 0x5E, 0x73, 0xA7,
148 0x2A, 0xF6, 0x90, 0x42, 0x0C, 0x34, 0x93, 0xB7, 0x02, 0x19, 0xA9, 0x64,
149 0x6C, 0x46, 0x3B, 0x40, 0x02, 0x2F, 0x54, 0x69, 0x79, 0x26, 0x7D, 0xF6,
150 0x85, 0x90, 0x01, 0xD0, 0x21, 0x07, 0xD0, 0x14, 0x00, 0x65, 0x9C, 0xAC,
151 0x24, 0xE8, 0x78, 0x42, 0x3B, 0x90, 0x75, 0x19, 0x55, 0x11, 0x4E, 0xD9,
152 0xE6, 0x97, 0x87, 0xBC, 0x8D, 0x2C, 0x9B, 0xF0, 0x1F, 0x14, 0xEB, 0x6A,
153 0x57, 0xCE, 0x78, 0xAD, 0xCE, 0xD9, 0xFB, 0xB9, 0xA1, 0xEF, 0x0C, 0x1F,
154 0xDD, 0xE3, 0x5B, 0x73, 0xA0, 0xEC, 0x37, 0x9C, 0xE1, 0xFD, 0x86, 0x28,
155 0xC3, 0x4A, 0x42, 0xD0, 0xA3, 0xFE, 0x57, 0x09, 0x29, 0xD8, 0xF6, 0xEC,
156 0xE3, 0xC0, 0x71, 0x7C, 0x29, 0x27, 0xC2, 0xD1, 0x3E, 0x22, 0xBC, 0xBD,
157 0x5A, 0x85, 0x41, 0xF6, 0x15, 0xDA, 0x0C, 0x58, 0x5A, 0x61, 0x5B, 0x78,
158 0xB8, 0xAA, 0xEC, 0x5C, 0x1C, 0x79, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02,
159 0x82, 0x01, 0x00, 0x1D, 0x10, 0x31, 0xE0, 0x14, 0x26, 0x36, 0xD9, 0xDC,
160 0xEA, 0x25, 0x70, 0xF2, 0xB3, 0xFF, 0xDD, 0x0D, 0xDF, 0xBA, 0x57, 0xDA,
161 0x43, 0xCF, 0xE5, 0x9C, 0xE3, 0x2F, 0xA4, 0xF2, 0x53, 0xF6, 0xF2, 0xAF,
162 0xFD, 0xD0, 0xFC, 0x82, 0x1E, 0x9C, 0x0F, 0x2A, 0x53, 0xBB, 0xF2, 0x4F,
163 0x90, 0x83, 0x01, 0xD3, 0xA7, 0xDA, 0xB5, 0xB7, 0x80, 0x64, 0x0A, 0x26,
164 0x59, 0x83, 0xE4, 0xD3, 0x20, 0xC8, 0x2D, 0xC9, 0x77, 0xA3, 0x55, 0x07,
165 0x6E, 0x6D, 0x95, 0x36, 0xAA, 0x84, 0x4F, 0xED, 0x54, 0x24, 0xA9, 0x77,
166 0xF8, 0x85, 0xE2, 0x4B, 0xF2, 0xFA, 0x0B, 0x3E, 0xA6, 0xF5, 0x46, 0x0D,
167 0x9F, 0x1F, 0xFE, 0xF7, 0x37, 0xFF, 0xA3, 0x60, 0xF1, 0x63, 0xF2, 0x75,
168 0x6A, 0x8E, 0x10, 0xD7, 0x89, 0xD2, 0xB3, 0xFF, 0x76, 0xA5, 0xBA, 0xAF,
169 0x0A, 0xBE, 0x32, 0x5F, 0xF0, 0x48, 0x48, 0x4B, 0x9C, 0x9A, 0x3D, 0x12,
170 0xA7, 0xD2, 0x07, 0xC7, 0x59, 0x32, 0x94, 0x95, 0x65, 0x2F, 0x87, 0x34,
171 0x76, 0xBA, 0x7C, 0x08, 0x4B, 0xAB, 0xA6, 0x24, 0xDF, 0x64, 0xDB, 0x48,
172 0x63, 0x42, 0x06, 0xE2, 0x2C, 0x3D, 0xFB, 0xE5, 0x47, 0x81, 0x94, 0x98,
173 0xF7, 0x32, 0x4B, 0x28, 0xEB, 0x42, 0xB8, 0xE9, 0x8E, 0xFC, 0xC9, 0x43,
174 0xC9, 0x47, 0xE6, 0xE7, 0x1C, 0xDC, 0x71, 0xEF, 0x4D, 0x8A, 0xB1, 0xFC,
175 0x45, 0x37, 0xEC, 0xB3, 0x16, 0x88, 0x5B, 0xE2, 0xEC, 0x8B, 0x6B, 0x75,
176 0x16, 0xBE, 0x6B, 0xF8, 0x2C, 0xF8, 0xC9, 0xD1, 0xF7, 0x55, 0x87, 0x57,
177 0x5F, 0xDE, 0xF4, 0x7E, 0x72, 0x13, 0x06, 0x2A, 0x21, 0xB7, 0x78, 0x21,
178 0x05, 0xFD, 0xE2, 0x5F, 0x7B, 0x7C, 0xF0, 0x26, 0x2B, 0x75, 0x7F, 0x68,
179 0xF9, 0xA6, 0x98, 0xFD, 0x54, 0x0E, 0xCC, 0x22, 0x41, 0x7F, 0x29, 0x81,
180 0x2F, 0xA3, 0x3C, 0x3D, 0x64, 0xC8, 0x41, 0x02, 0x81, 0x81, 0x00, 0xFA,
181 0xFA, 0xE4, 0x2E, 0x30, 0xF0, 0x7A, 0x8D, 0x95, 0xB8, 0x39, 0x58, 0x27,
182 0x0F, 0x89, 0x0C, 0xDF, 0xFE, 0x2F, 0x55, 0x3B, 0x6F, 0xDD, 0x5F, 0x12,
183 0xB3, 0xD1, 0xCF, 0x5B, 0x8D, 0xB6, 0x10, 0x1C, 0x87, 0x0C, 0x30, 0x89,
184 0x2D, 0xBB, 0xB8, 0xA1, 0x78, 0x0F, 0x54, 0xA6, 0x36, 0x46, 0x05, 0x8B,
185 0x5A, 0xFF, 0x48, 0x03, 0x13, 0xAE, 0x95, 0x96, 0x5D, 0x6C, 0xDA, 0x5D,
186 0xF7, 0xAD, 0x1D, 0x33, 0xED, 0x23, 0xF5, 0x4B, 0x03, 0x78, 0xE7, 0x50,
187 0xD1, 0x2D, 0x95, 0x22, 0x35, 0x02, 0x5B, 0x4A, 0x4E, 0x73, 0xC9, 0xB7,
188 0x05, 0xC4, 0x21, 0x86, 0x1F, 0x1E, 0x40, 0x83, 0xBC, 0x8A, 0x3A, 0x95,
189 0x24, 0x62, 0xF4, 0x58, 0x38, 0x64, 0x4A, 0x89, 0x8A, 0x27, 0x59, 0x12,
190 0x9D, 0x21, 0xC3, 0xA6, 0x42, 0x1E, 0x2A, 0x3F, 0xD8, 0x65, 0x1F, 0x6E,
191 0x3E, 0x4D, 0x5C, 0xCC, 0xEA, 0x8E, 0x15, 0x02, 0x81, 0x81, 0x00, 0xDC,
192 0xAC, 0x9B, 0x00, 0xDB, 0xF9, 0xB2, 0xBF, 0xC4, 0x5E, 0xB6, 0xB7, 0x63,
193 0xEB, 0x13, 0x4B, 0xE2, 0xA6, 0xC8, 0x72, 0x90, 0xD8, 0xC2, 0x33, 0x33,
194 0xF0, 0x66, 0x75, 0xBD, 0x50, 0x7C, 0xA4, 0x8F, 0x82, 0xFB, 0xFF, 0x44,
195 0x3B, 0xE7, 0x15, 0x3A, 0x0C, 0x7A, 0xF8, 0x92, 0x86, 0x4A, 0x79, 0x32,
196 0x08, 0x82, 0x1D, 0x6A, 0xBA, 0xAD, 0x8A, 0xB3, 0x3D, 0x7F, 0xA5, 0xB4,
197 0x6F, 0x67, 0x86, 0x7E, 0xB2, 0x9C, 0x2A, 0xF6, 0x7C, 0x49, 0x21, 0xC5,
198 0x3F, 0x00, 0x3F, 0x9B, 0xF7, 0x0F, 0x6C, 0x35, 0x80, 0x75, 0x73, 0xC0,
199 0xF8, 0x3E, 0x30, 0x5F, 0x74, 0x2F, 0x15, 0x41, 0xEA, 0x0F, 0xCE, 0x0E,
200 0x18, 0x17, 0x68, 0xBA, 0xC4, 0x29, 0xF2, 0xE2, 0x2C, 0x1D, 0x55, 0x83,
201 0xB6, 0x64, 0x2E, 0x03, 0x12, 0xA4, 0x0D, 0xBF, 0x4F, 0x2E, 0xBE, 0x7C,
202 0x41, 0xD9, 0xCD, 0xD0, 0x52, 0x91, 0xD5, 0x02, 0x81, 0x81, 0x00, 0xD4,
203 0x55, 0xEB, 0x32, 0xC1, 0x28, 0xD3, 0x26, 0x72, 0x22, 0xB8, 0x31, 0x42,
204 0x6A, 0xBC, 0x52, 0x6E, 0x37, 0x48, 0xA8, 0x5D, 0x6E, 0xD8, 0xE5, 0x14,
205 0x97, 0x99, 0xCC, 0x4A, 0xF2, 0xEB, 0xB3, 0x59, 0xCF, 0x4F, 0x9A, 0xC8,
206 0x94, 0x2E, 0x9B, 0x97, 0xD0, 0x51, 0x78, 0x16, 0x5F, 0x18, 0x82, 0x9C,
207 0x51, 0xD2, 0x64, 0x84, 0x65, 0xE4, 0x70, 0x9E, 0x14, 0x50, 0x81, 0xB6,
208 0xBA, 0x52, 0x75, 0xC0, 0x76, 0xC2, 0xD3, 0x46, 0x31, 0x9B, 0xDA, 0x67,
209 0xDF, 0x71, 0x27, 0x19, 0x17, 0xAB, 0xF4, 0xBC, 0x3A, 0xFF, 0x6F, 0x0B,
210 0x2F, 0x0F, 0xAE, 0x25, 0x20, 0xB2, 0xA1, 0x76, 0x52, 0xCE, 0xC7, 0x9D,
211 0x62, 0x79, 0x6D, 0xAC, 0x2D, 0x99, 0x7C, 0x0E, 0x3D, 0x19, 0xE9, 0x1B,
212 0xFC, 0x60, 0x92, 0x7C, 0x58, 0xB7, 0xD8, 0x9A, 0xC7, 0x63, 0x56, 0x62,
213 0x18, 0xC7, 0xAE, 0xD9, 0x97, 0x1F, 0xB9, 0x02, 0x81, 0x81, 0x00, 0x91,
214 0x40, 0xC4, 0x1E, 0x82, 0xAD, 0x0F, 0x6D, 0x8E, 0xD2, 0x51, 0x2E, 0xD1,
215 0x84, 0x30, 0x85, 0x68, 0xC1, 0x23, 0x7B, 0xD5, 0xBF, 0xF7, 0xC4, 0x40,
216 0x51, 0xE2, 0xFF, 0x69, 0x07, 0x8B, 0xA3, 0xBE, 0x1B, 0x17, 0xC8, 0x64,
217 0x9F, 0x91, 0x71, 0xB5, 0x6D, 0xF5, 0x9B, 0x9C, 0xC6, 0xEC, 0x4A, 0x6E,
218 0x16, 0x8F, 0x9E, 0xD1, 0x5B, 0xE3, 0x53, 0x42, 0xBC, 0x1E, 0x43, 0x72,
219 0x4B, 0x4A, 0x37, 0x8B, 0x3A, 0x01, 0xF5, 0x7D, 0x9D, 0x3D, 0x7E, 0x0F,
220 0x19, 0x73, 0x0E, 0x6B, 0x98, 0xE9, 0xFB, 0xEE, 0x13, 0x8A, 0x3C, 0x11,
221 0x2E, 0xD5, 0xB0, 0x7D, 0x84, 0x3A, 0x61, 0xA1, 0xAB, 0x71, 0x8F, 0xCE,
222 0x53, 0x29, 0x45, 0x74, 0x7A, 0x1E, 0xAA, 0x93, 0x19, 0x3A, 0x8D, 0xC9,
223 0x4E, 0xCB, 0x0E, 0x46, 0x53, 0x84, 0xCC, 0xCF, 0xBA, 0x4D, 0x28, 0x71,
224 0x1D, 0xDF, 0x41, 0xCB, 0xF8, 0x2D, 0xA9, 0x02, 0x81, 0x80, 0x04, 0x8B,
225 0x4A, 0xEA, 0xBD, 0x39, 0x0B, 0x96, 0xC5, 0x1D, 0xA4, 0x47, 0xFD, 0x46,
226 0xD2, 0x8A, 0xEA, 0x2A, 0xF3, 0x9D, 0x3A, 0x7E, 0x16, 0x74, 0xFC, 0x13,
227 0xDE, 0x4D, 0xA9, 0x85, 0x42, 0x33, 0x02, 0x92, 0x0B, 0xB6, 0xDB, 0x7E,
228 0xEA, 0x85, 0xC2, 0x94, 0x43, 0x52, 0x37, 0x5A, 0x77, 0xAB, 0xCB, 0x61,
229 0x88, 0xDE, 0xF8, 0xFA, 0xDB, 0xE8, 0x0B, 0x95, 0x7D, 0x39, 0x19, 0xA2,
230 0x89, 0xB9, 0x32, 0xB2, 0x50, 0x38, 0xF7, 0x88, 0x69, 0xFD, 0xA4, 0x63,
231 0x1F, 0x9B, 0x03, 0xD8, 0xA6, 0x7A, 0x05, 0x76, 0x02, 0x28, 0x93, 0x82,
232 0x73, 0x7F, 0x14, 0xCC, 0xBE, 0x29, 0x10, 0xAD, 0x8A, 0x2E, 0xAC, 0xED,
233 0x11, 0xA7, 0x72, 0x7C, 0x60, 0x78, 0x72, 0xFB, 0x78, 0x20, 0x18, 0xC9,
234 0x7E, 0x63, 0xAD, 0x55, 0x54, 0x51, 0xDB, 0x9F, 0x7B, 0xD4, 0x8F, 0xB2,
235 0xDE, 0x3B, 0xF1, 0x70, 0x23, 0xE5,
236};
237
238/*
239 * Generated using keys on the keyboard and lack of imagination.
240 */
241static unsigned char BOGUS_KEY_1[] = { 0xFF, 0xFF, 0xFF, 0xFF };
242
243
Kenny Root8467a6d2012-08-08 17:04:40 -0700[diff] [blame]244class KeymasterBaseTest : public ::testing::Test {
245public:
Kenny Root4fd0db72012-03-16 13:19:07 -0700[diff] [blame]246 static void SetUpTestCase() {
247 const hw_module_t* mod;
248 ASSERT_EQ(0, hw_get_module_by_class(KEYSTORE_HARDWARE_MODULE_ID, NULL, &mod))
249 << "Should be able to find a keymaster hardware module";
250
251 std::cout << "Using keymaster module: " << mod->name << std::endl;
252
253 ASSERT_EQ(0, keymaster_open(mod, &sDevice))
254 << "Should be able to open the keymaster device";
255
256 ASSERT_TRUE(sDevice->generate_keypair != NULL)
257 << "Should implement generate_keypair";
258
259 ASSERT_TRUE(sDevice->import_keypair != NULL)
260 << "Should implement import_keypair";
261
262 ASSERT_TRUE(sDevice->get_keypair_public != NULL)
263 << "Should implement get_keypair_public";
264
265 ASSERT_TRUE(sDevice->sign_data != NULL)
266 << "Should implement sign_data";
267
268 ASSERT_TRUE(sDevice->verify_data != NULL)
269 << "Should implement verify_data";
270 }
271
272 static void TearDownTestCase() {
273 ASSERT_EQ(0, keymaster_close(sDevice));
274 }
275
Kenny Root8467a6d2012-08-08 17:04:40 -0700[diff] [blame]276protected:
Kenny Root4fd0db72012-03-16 13:19:07 -0700[diff] [blame]277 static keymaster_device_t* sDevice;
278};
279
Kenny Root8467a6d2012-08-08 17:04:40 -0700[diff] [blame]280keymaster_device_t* KeymasterBaseTest::sDevice = NULL;
Kenny Root4fd0db72012-03-16 13:19:07 -0700[diff] [blame]281
Kenny Root8467a6d2012-08-08 17:04:40 -0700[diff] [blame]282class KeymasterTest : public KeymasterBaseTest {
283};
284
285class KeymasterGenerateTest : public KeymasterBaseTest,
286 public ::testing::WithParamInterface<uint32_t> {
287};
288
289TEST_P(KeymasterGenerateTest, GenerateKeyPair_RSA_Success) {
Kenny Root4fd0db72012-03-16 13:19:07 -0700[diff] [blame]290 keymaster_keypair_t key_type = TYPE_RSA;
291 keymaster_rsa_keygen_params_t params = {
Kenny Root8467a6d2012-08-08 17:04:40 -0700[diff] [blame]292 modulus_size: GetParam(),
293 public_exponent: RSA_F4,
Kenny Root4fd0db72012-03-16 13:19:07 -0700[diff] [blame]294 };
295
296 uint8_t* key_blob;
297 size_t key_blob_length;
298
299 EXPECT_EQ(0,
300 sDevice->generate_keypair(sDevice, key_type, &params, &key_blob, &key_blob_length))
301 << "Should generate an RSA key with 512 bit modulus size";
302 UniqueKey key(&sDevice, key_blob, key_blob_length);
Kenny Root4fd0db72012-03-16 13:19:07 -0700[diff] [blame]303
Kenny Root8467a6d2012-08-08 17:04:40 -0700[diff] [blame]304 uint8_t* x509_data = NULL;
305 size_t x509_data_length;
Kenny Root4fd0db72012-03-16 13:19:07 -0700[diff] [blame]306 EXPECT_EQ(0,
Kenny Root8467a6d2012-08-08 17:04:40 -0700[diff] [blame]307 sDevice->get_keypair_public(sDevice, key_blob, key_blob_length,
308 &x509_data, &x509_data_length))
309 << "Should be able to retrieve RSA public key successfully";
310 UniqueBlob x509_blob(x509_data, x509_data_length);
311 ASSERT_FALSE(x509_blob.get() == NULL)
312 << "X509 data should be allocated";
313
314 const unsigned char *tmp = static_cast<const unsigned char*>(x509_blob.get());
315 Unique_EVP_PKEY actual(d2i_PUBKEY((EVP_PKEY**) NULL, &tmp,
316 static_cast<long>(x509_blob.length())));
317
318 ASSERT_EQ(EVP_PKEY_RSA, EVP_PKEY_type(actual.get()->type))
319 << "Generated key type should be of type RSA";
320
321 Unique_RSA rsa(EVP_PKEY_get1_RSA(actual.get()));
322 ASSERT_FALSE(rsa.get() == NULL)
323 << "Should be able to extract RSA key from EVP_PKEY";
324
325 EXPECT_EQ(static_cast<unsigned long>(RSA_F4), BN_get_word(rsa.get()->e))
326 << "Exponent should be RSA_F4";
327
328 EXPECT_EQ(GetParam() / 8, static_cast<uint32_t>(RSA_size(rsa.get())))
329 << "Modulus size should be the specified parameter";
Kenny Root4fd0db72012-03-16 13:19:07 -0700[diff] [blame]330}
331
Kenny Root8467a6d2012-08-08 17:04:40 -0700[diff] [blame]332INSTANTIATE_TEST_CASE_P(RSA,
333 KeymasterGenerateTest,
334 ::testing::Values(512, 1024, 2048));
Kenny Root4fd0db72012-03-16 13:19:07 -0700[diff] [blame]335
336TEST_F(KeymasterTest, GenerateKeyPair_RSA_NullParams_Failure) {
337 keymaster_keypair_t key_type = TYPE_RSA;
338
339 uint8_t* key_blob;
340 size_t key_blob_length;
341
342 EXPECT_EQ(-1,
343 sDevice->generate_keypair(sDevice, key_type, NULL, &key_blob, &key_blob_length))
344 << "Should not be able to generate an RSA key with null params";
345}
346
347TEST_F(KeymasterTest, GenerateKeyPair_UnknownType_Failure) {
348 keymaster_keypair_t key_type = static_cast<keymaster_keypair_t>(0xFFFF);
349
350 uint8_t* key_blob;
351 size_t key_blob_length;
352
353 EXPECT_EQ(-1,
354 sDevice->generate_keypair(sDevice, key_type, NULL, &key_blob, &key_blob_length))
355 << "Should not generate an unknown key type";
356}
357
358TEST_F(KeymasterTest, ImportKeyPair_RSA_Success) {
359 uint8_t* key_blob;
360 size_t key_blob_length;
361
362 EXPECT_EQ(0,
363 sDevice->import_keypair(sDevice, TEST_KEY_1, sizeof(TEST_KEY_1),
364 &key_blob, &key_blob_length))
365 << "Should successfully import an RSA key";
366 UniqueKey key(&sDevice, key_blob, key_blob_length);
Kenny Root8467a6d2012-08-08 17:04:40 -0700[diff] [blame]367
368 uint8_t* x509_data;
369 size_t x509_data_length;
370 EXPECT_EQ(0,
371 sDevice->get_keypair_public(sDevice, key_blob, key_blob_length,
372 &x509_data, &x509_data_length))
373 << "Should be able to retrieve RSA public key successfully";
374 UniqueBlob x509_blob(x509_data, x509_data_length);
375
376 const unsigned char *tmp = static_cast<const unsigned char*>(x509_blob.get());
377 Unique_EVP_PKEY actual(d2i_PUBKEY((EVP_PKEY**) NULL, &tmp,
378 static_cast<long>(x509_blob.length())));
379
380 EXPECT_EQ(EVP_PKEY_type(actual.get()->type), EVP_PKEY_RSA)
381 << "Generated key type should be of type RSA";
382
383 const unsigned char *expectedTmp = static_cast<const unsigned char*>(TEST_KEY_1);
384 Unique_PKCS8_PRIV_KEY_INFO expectedPkcs8(
385 d2i_PKCS8_PRIV_KEY_INFO((PKCS8_PRIV_KEY_INFO**) NULL, &expectedTmp,
386 sizeof(TEST_KEY_1)));
387
388 Unique_EVP_PKEY expected(EVP_PKCS82PKEY(expectedPkcs8.get()));
389
390 EXPECT_EQ(1, EVP_PKEY_cmp(expected.get(), actual.get()))
391 << "Expected and actual keys should match";
Kenny Root4fd0db72012-03-16 13:19:07 -0700[diff] [blame]392}
393
394TEST_F(KeymasterTest, ImportKeyPair_BogusKey_Failure) {
395 uint8_t* key_blob;
396 size_t key_blob_length;
397
398 EXPECT_EQ(-1,
399 sDevice->import_keypair(sDevice, BOGUS_KEY_1, sizeof(BOGUS_KEY_1),
400 &key_blob, &key_blob_length))
401 << "Should not import an unknown key type";
402}
403
404TEST_F(KeymasterTest, ImportKeyPair_NullKey_Failure) {
405 uint8_t* key_blob;
406 size_t key_blob_length;
407
408 EXPECT_EQ(-1,
409 sDevice->import_keypair(sDevice, NULL, 0,
410 &key_blob, &key_blob_length))
411 << "Should not import a null key";
412}
413
414TEST_F(KeymasterTest, GetKeypairPublic_RSA_Success) {
415 uint8_t* key_blob;
416 size_t key_blob_length;
417
418 ASSERT_EQ(0,
419 sDevice->import_keypair(sDevice, TEST_KEY_1, sizeof(TEST_KEY_1),
420 &key_blob, &key_blob_length))
421 << "Should successfully import an RSA key";
422 UniqueKey key(&sDevice, key_blob, key_blob_length);
423
424 uint8_t* x509_data;
425 size_t x509_data_length;
426 EXPECT_EQ(0,
427 sDevice->get_keypair_public(sDevice, key_blob, key_blob_length,
428 &x509_data, &x509_data_length))
429 << "Should be able to retrieve RSA public key successfully";
430 UniqueBlob x509_blob(x509_data, x509_data_length);
431}
432
433TEST_F(KeymasterTest, GetKeypairPublic_RSA_NullKey_Failure) {
434 uint8_t* key_blob;
435 size_t key_blob_length;
436
437 uint8_t* x509_data = NULL;
438 size_t x509_data_length;
439 EXPECT_EQ(-1,
440 sDevice->get_keypair_public(sDevice, NULL, 0,
441 &x509_data, &x509_data_length))
442 << "Should not be able to retrieve RSA public key from null key";
443 UniqueBlob x509_blob(x509_data, x509_data_length);
444}
445
446TEST_F(KeymasterTest, GetKeypairPublic_RSA_NullDestination_Failure) {
447 uint8_t* key_blob;
448 size_t key_blob_length;
449
450 ASSERT_EQ(0,
451 sDevice->import_keypair(sDevice, TEST_KEY_1, sizeof(TEST_KEY_1),
452 &key_blob, &key_blob_length))
453 << "Should successfully import an RSA key";
454 UniqueKey key(&sDevice, key_blob, key_blob_length);
455
456 EXPECT_EQ(-1,
457 sDevice->get_keypair_public(sDevice, key.get(), key.length(),
458 NULL, NULL))
459 << "Should not be able to succeed with NULL destination blob";
460}
461
462TEST_F(KeymasterTest, DeleteKeyPair_RSA_Success) {
463 uint8_t* key_blob;
464 size_t key_blob_length;
465
466 EXPECT_EQ(0,
467 sDevice->import_keypair(sDevice, TEST_KEY_1, sizeof(TEST_KEY_1),
468 &key_blob, &key_blob_length))
469 << "Should successfully import an RSA key";
470 UniqueKey key(&sDevice, key_blob, key_blob_length);
471}
472
473TEST_F(KeymasterTest, DeleteKeyPair_RSA_DoubleDelete_Failure) {
474 uint8_t* key_blob;
475 size_t key_blob_length;
476
477 /*
478 * This is only run if the module indicates it implements key deletion
479 * by implementing delete_keypair.
480 */
481 if (sDevice->delete_keypair != NULL) {
482 ASSERT_EQ(0,
483 sDevice->import_keypair(sDevice, TEST_KEY_1, sizeof(TEST_KEY_1),
484 &key_blob, &key_blob_length))
485 << "Should successfully import an RSA key";
486 UniqueBlob blob(key_blob, key_blob_length);
487
488 EXPECT_EQ(0, sDevice->delete_keypair(sDevice, key_blob, key_blob_length))
489 << "Should delete key after import";
490
491 EXPECT_EQ(-1, sDevice->delete_keypair(sDevice, key_blob, key_blob_length))
492 << "Should not be able to delete key twice";
493 }
494}
495
496TEST_F(KeymasterTest, DeleteKeyPair_RSA_NullKey_Failure) {
497 /*
498 * This is only run if the module indicates it implements key deletion
499 * by implementing delete_keypair.
500 */
501 if (sDevice->delete_keypair != NULL) {
502 EXPECT_EQ(-1, sDevice->delete_keypair(sDevice, NULL, 0))
503 << "Should not be able to delete null key";
504 }
505}
506
507/*
508 * DER-encoded PKCS#8 format RSA key. Generated using:
509 *
510 * openssl genrsa 512 | openssl pkcs8 -topk8 -nocrypt -outform der | recode ../x1
511 */
512static uint8_t TEST_SIGN_KEY_1[] = {
513 0x30, 0x82, 0x01, 0x56, 0x02, 0x01, 0x00, 0x30, 0x0D, 0x06, 0x09, 0x2A,
514 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
515 0x01, 0x40, 0x30, 0x82, 0x01, 0x3C, 0x02, 0x01, 0x00, 0x02, 0x41, 0x00,
516 0xBD, 0xC0, 0x7F, 0xEF, 0x75, 0x1D, 0x63, 0x2A, 0xD0, 0x9A, 0x26, 0xE5,
517 0x5B, 0xB9, 0x84, 0x7C, 0xE5, 0xC7, 0xE7, 0xDE, 0xFE, 0xB6, 0x54, 0xD9,
518 0xF0, 0x9B, 0xC2, 0xCF, 0x36, 0xDA, 0xE5, 0x4D, 0xC5, 0xD9, 0x25, 0x78,
519 0xBD, 0x55, 0x05, 0xBD, 0x86, 0xFB, 0x37, 0x15, 0x33, 0x42, 0x52, 0xED,
520 0xE5, 0xCD, 0xCB, 0xB7, 0xA2, 0x51, 0xFA, 0x36, 0xE9, 0x9C, 0x2E, 0x5D,
521 0xE3, 0xA5, 0x1F, 0x01, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x41, 0x00,
522 0x96, 0x71, 0xDE, 0xBD, 0x83, 0x94, 0x96, 0x40, 0xA6, 0xFD, 0xE1, 0xA2,
523 0xED, 0xD3, 0xAC, 0x28, 0xBE, 0xA2, 0x7D, 0xC3, 0xFF, 0x1D, 0x9F, 0x2E,
524 0xE0, 0xA7, 0x0E, 0x90, 0xEE, 0x44, 0x25, 0x92, 0xE3, 0x54, 0xDD, 0x55,
525 0xA3, 0xEF, 0x42, 0xF5, 0x52, 0x55, 0x41, 0x47, 0x5E, 0x00, 0xFB, 0x8B,
526 0x47, 0x5E, 0x45, 0x49, 0xEA, 0x3D, 0x2C, 0xFD, 0x9F, 0xEC, 0xC8, 0x4E,
527 0x4E, 0x86, 0x90, 0x31, 0x02, 0x21, 0x00, 0xE6, 0xA5, 0x55, 0xB3, 0x64,
528 0xAB, 0x90, 0x5E, 0xA2, 0xF5, 0x6B, 0x21, 0x4B, 0x15, 0xD6, 0x4A, 0xB6,
529 0x60, 0x24, 0x95, 0x65, 0xA2, 0xBE, 0xBA, 0x2A, 0x73, 0xFB, 0xFF, 0x2C,
530 0x61, 0x88, 0x9D, 0x02, 0x21, 0x00, 0xD2, 0x9C, 0x5B, 0xFE, 0x82, 0xA5,
531 0xFC, 0x52, 0x6A, 0x29, 0x38, 0xDB, 0x22, 0x3B, 0xEB, 0x74, 0x3B, 0xCA,
532 0xB4, 0xDD, 0x1D, 0xE4, 0x48, 0x60, 0x70, 0x19, 0x9B, 0x81, 0xC1, 0x83,
533 0x28, 0xB5, 0x02, 0x21, 0x00, 0x89, 0x2D, 0xFE, 0xF9, 0xF2, 0xBF, 0x43,
534 0xDF, 0xB5, 0xA6, 0xA8, 0x30, 0x26, 0x1B, 0x77, 0xD7, 0xF9, 0xFE, 0xD6,
535 0xE3, 0x70, 0x8E, 0xCA, 0x47, 0xA9, 0xA6, 0x50, 0x54, 0x25, 0xCE, 0x60,
536 0xD5, 0x02, 0x21, 0x00, 0xBE, 0x5A, 0xF8, 0x82, 0xE6, 0xCE, 0xE3, 0x6A,
537 0x11, 0xED, 0xC4, 0x27, 0xBB, 0x9F, 0x70, 0xC6, 0x93, 0xAC, 0x39, 0x20,
538 0x89, 0x7D, 0xE5, 0x34, 0xD4, 0xDD, 0x30, 0x42, 0x6D, 0x07, 0x00, 0xE9,
539 0x02, 0x20, 0x05, 0x91, 0xEF, 0x12, 0xD2, 0xD3, 0x6A, 0xD2, 0x96, 0x6B,
540 0x10, 0x62, 0xF9, 0xBA, 0xA4, 0x91, 0x48, 0x84, 0x40, 0x61, 0x67, 0x80,
541 0x68, 0x68, 0xC8, 0x60, 0xB3, 0x66, 0xC8, 0xF9, 0x08, 0x9A,
542};
543
544/*
545 * PKCS#1 v1.5 padded raw "Hello, world" Can be generated be generated by verifying
546 * the signature below in no padding mode:
547 *
548 * openssl rsautl -keyform der -inkey rsa.der -raw -verify -in test.sig
549 */
550static uint8_t TEST_SIGN_DATA_1[] = {
551 0x00, 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
552 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
553 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
554 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
555 0xFF, 0xFF, 0xFF, 0x00, 0x48, 0x65, 0x6C, 0x6C, 0x6F, 0x2C, 0x20, 0x77,
556 0x6F, 0x72, 0x6C, 0x64,
557};
558
559/*
560 * Signature of TEST_SIGN_DATA_1 using TEST_SIGN_KEY_1. Generated using:
561 *
562 * echo 'Hello, world' | openssl rsautl -keyform der -inkey rsa.der -sign | recode ../x1
563 */
564static uint8_t TEST_SIGN_SIGNATURE_1[] = {
565 0xA4, 0xBB, 0x76, 0x87, 0xFE, 0x61, 0x0C, 0x9D, 0xD6, 0xFF, 0x4B, 0x76,
566 0x96, 0x08, 0x36, 0x23, 0x11, 0xC6, 0x44, 0x3F, 0x88, 0x77, 0x97, 0xB2,
567 0xA8, 0x3B, 0xFB, 0x9C, 0x3C, 0xD3, 0x20, 0x65, 0xFD, 0x26, 0x3B, 0x2A,
568 0xB8, 0xB6, 0xD4, 0xDC, 0x91, 0xF7, 0xE2, 0xDE, 0x4D, 0xF7, 0x0E, 0xB9,
569 0x72, 0xA7, 0x29, 0x72, 0x82, 0x12, 0x7C, 0x53, 0x23, 0x21, 0xC4, 0xFF,
570 0x79, 0xE4, 0x91, 0x40,
571};
572
573/*
574 * Identical to TEST_SIGN_SIGNATURE_1 except the last octet is '1' instead of '0'
575 * This should fail any test.
576 */
577static uint8_t TEST_SIGN_SIGNATURE_BOGUS_1[] = {
578 0xA4, 0xBB, 0x76, 0x87, 0xFE, 0x61, 0x0C, 0x9D, 0xD6, 0xFF, 0x4B, 0x76,
579 0x96, 0x08, 0x36, 0x23, 0x11, 0xC6, 0x44, 0x3F, 0x88, 0x77, 0x97, 0xB2,
580 0xA8, 0x3B, 0xFB, 0x9C, 0x3C, 0xD3, 0x20, 0x65, 0xFD, 0x26, 0x3B, 0x2A,
581 0xB8, 0xB6, 0xD4, 0xDC, 0x91, 0xF7, 0xE2, 0xDE, 0x4D, 0xF7, 0x0E, 0xB9,
582 0x72, 0xA7, 0x29, 0x72, 0x82, 0x12, 0x7C, 0x53, 0x23, 0x21, 0xC4, 0xFF,
583 0x79, 0xE4, 0x91, 0x41,
584};
585
586TEST_F(KeymasterTest, SignData_RSA_Raw_Success) {
587 uint8_t* key_blob;
588 size_t key_blob_length;
589
590 ASSERT_EQ(0,
591 sDevice->import_keypair(sDevice, TEST_SIGN_KEY_1, sizeof(TEST_SIGN_KEY_1),
592 &key_blob, &key_blob_length))
593 << "Should successfully import an RSA key";
594 UniqueKey key(&sDevice, key_blob, key_blob_length);
595
596 keymaster_rsa_sign_params_t params = {
597 digest_type: DIGEST_NONE,
598 padding_type: PADDING_NONE,
599 };
600
601 uint8_t* sig;
602 size_t sig_length;
603
604 EXPECT_EQ(0,
605 sDevice->sign_data(sDevice, &params, key_blob, key_blob_length,
606 TEST_SIGN_DATA_1, sizeof(TEST_SIGN_DATA_1),
607 &sig, &sig_length))
608 << "Should sign data successfully";
609 UniqueBlob sig_blob(sig, sig_length);
610
611 UniqueBlob expected_sig(TEST_SIGN_SIGNATURE_1, sizeof(TEST_SIGN_SIGNATURE_1));
612
613 EXPECT_EQ(expected_sig, sig_blob)
614 << "Generated signature should match expected signature";
615
616 // The expected signature is actually stack data, so don't let it try to free.
617 uint8_t* unused __attribute__((unused)) = expected_sig.release();
618}
619
620TEST_F(KeymasterTest, SignData_RSA_Raw_InvalidSizeInput_Failure) {
621 uint8_t* key_blob;
622 size_t key_blob_length;
623
624 ASSERT_EQ(0,
625 sDevice->import_keypair(sDevice, TEST_SIGN_KEY_1, sizeof(TEST_SIGN_KEY_1),
626 &key_blob, &key_blob_length))
627 << "Should successfully import an RSA key";
628 UniqueKey key(&sDevice, key_blob, key_blob_length);
629
630 keymaster_rsa_sign_params_t params = {
631 digest_type: DIGEST_NONE,
632 padding_type: PADDING_NONE,
633 };
634
635 uint8_t* sig;
636 size_t sig_length;
637
638 EXPECT_EQ(-1,
639 sDevice->sign_data(sDevice, &params, key_blob, key_blob_length,
640 TEST_KEY_1, sizeof(TEST_KEY_1),
641 &sig, &sig_length))
642 << "Should not be able to do raw signature on incorrect size data";
643}
644
645TEST_F(KeymasterTest, SignData_RSA_Raw_NullKey_Failure) {
646 keymaster_rsa_sign_params_t params = {
647 digest_type: DIGEST_NONE,
648 padding_type: PADDING_NONE,
649 };
650
651 uint8_t* sig;
652 size_t sig_length;
653
654 EXPECT_EQ(-1,
655 sDevice->sign_data(sDevice, &params, NULL, 0,
656 TEST_KEY_1, sizeof(TEST_KEY_1),
657 &sig, &sig_length))
658 << "Should not be able to do raw signature on incorrect size data";
659}
660
661TEST_F(KeymasterTest, SignData_RSA_Raw_NullInput_Failure) {
662 uint8_t* key_blob;
663 size_t key_blob_length;
664
665 ASSERT_EQ(0,
666 sDevice->import_keypair(sDevice, TEST_SIGN_KEY_1, sizeof(TEST_SIGN_KEY_1),
667 &key_blob, &key_blob_length))
668 << "Should successfully import an RSA key";
669 UniqueKey key(&sDevice, key_blob, key_blob_length);
670
671 keymaster_rsa_sign_params_t params = {
672 digest_type: DIGEST_NONE,
673 padding_type: PADDING_NONE,
674 };
675
676 uint8_t* sig;
677 size_t sig_length;
678
679 EXPECT_EQ(-1,
680 sDevice->sign_data(sDevice, &params, key_blob, key_blob_length,
681 NULL, 0,
682 &sig, &sig_length))
683 << "Should error when input data is null";
684}
685
686TEST_F(KeymasterTest, SignData_RSA_Raw_NullOutput_Failure) {
687 uint8_t* key_blob;
688 size_t key_blob_length;
689
690 ASSERT_EQ(0,
691 sDevice->import_keypair(sDevice, TEST_SIGN_KEY_1, sizeof(TEST_SIGN_KEY_1),
692 &key_blob, &key_blob_length))
693 << "Should successfully import an RSA key";
694 UniqueKey key(&sDevice, key_blob, key_blob_length);
695
696 keymaster_rsa_sign_params_t params = {
697 digest_type: DIGEST_NONE,
698 padding_type: PADDING_NONE,
699 };
700
701 uint8_t* sig;
702 size_t sig_length;
703
704 EXPECT_EQ(-1,
705 sDevice->sign_data(sDevice, &params, key_blob, key_blob_length,
706 TEST_KEY_1, sizeof(TEST_KEY_1),
707 NULL, NULL))
708 << "Should error when output is null";
709}
710
711TEST_F(KeymasterTest, VerifyData_RSA_Raw_Success) {
712 uint8_t* key_blob;
713 size_t key_blob_length;
714
715 ASSERT_EQ(0,
716 sDevice->import_keypair(sDevice, TEST_SIGN_KEY_1, sizeof(TEST_SIGN_KEY_1),
717 &key_blob, &key_blob_length))
718 << "Should successfully import an RSA key";
719 UniqueKey key(&sDevice, key_blob, key_blob_length);
720
721 keymaster_rsa_sign_params_t params = {
722 digest_type: DIGEST_NONE,
723 padding_type: PADDING_NONE,
724 };
725
726 EXPECT_EQ(0,
727 sDevice->verify_data(sDevice, &params, key_blob, key_blob_length,
728 TEST_SIGN_DATA_1, sizeof(TEST_SIGN_DATA_1),
729 TEST_SIGN_SIGNATURE_1, sizeof(TEST_SIGN_SIGNATURE_1)))
730 << "Should verify data successfully";
731}
732
733TEST_F(KeymasterTest, VerifyData_RSA_Raw_BadSignature_Failure) {
734 uint8_t* key_blob;
735 size_t key_blob_length;
736
737 ASSERT_EQ(0,
738 sDevice->import_keypair(sDevice, TEST_SIGN_KEY_1, sizeof(TEST_SIGN_KEY_1),
739 &key_blob, &key_blob_length))
740 << "Should successfully import an RSA key";
741 UniqueKey key(&sDevice, key_blob, key_blob_length);
742
743 keymaster_rsa_sign_params_t params = {
744 digest_type: DIGEST_NONE,
745 padding_type: PADDING_NONE,
746 };
747
748 EXPECT_EQ(-1,
749 sDevice->verify_data(sDevice, &params, key_blob, key_blob_length,
750 TEST_SIGN_DATA_1, sizeof(TEST_SIGN_DATA_1),
751 TEST_SIGN_SIGNATURE_BOGUS_1, sizeof(TEST_SIGN_SIGNATURE_BOGUS_1)))
752 << "Should sign data successfully";
753}
754
755TEST_F(KeymasterTest, VerifyData_RSA_Raw_NullKey_Failure) {
756 keymaster_rsa_sign_params_t params = {
757 digest_type: DIGEST_NONE,
758 padding_type: PADDING_NONE,
759 };
760
761 EXPECT_EQ(-1,
762 sDevice->verify_data(sDevice, &params, NULL, 0,
763 TEST_SIGN_DATA_1, sizeof(TEST_SIGN_DATA_1),
764 TEST_SIGN_SIGNATURE_BOGUS_1, sizeof(TEST_SIGN_SIGNATURE_BOGUS_1)))
765 << "Should fail when key is null";
766}
767
768TEST_F(KeymasterTest, VerifyData_RSA_NullInput_Failure) {
769 uint8_t* key_blob;
770 size_t key_blob_length;
771
772 ASSERT_EQ(0,
773 sDevice->import_keypair(sDevice, TEST_SIGN_KEY_1, sizeof(TEST_SIGN_KEY_1),
774 &key_blob, &key_blob_length))
775 << "Should successfully import an RSA key";
776 UniqueKey key(&sDevice, key_blob, key_blob_length);
777
778 keymaster_rsa_sign_params_t params = {
779 digest_type: DIGEST_NONE,
780 padding_type: PADDING_NONE,
781 };
782
783 EXPECT_EQ(-1,
784 sDevice->verify_data(sDevice, &params, key_blob, key_blob_length,
785 NULL, 0,
786 TEST_SIGN_SIGNATURE_1, sizeof(TEST_SIGN_SIGNATURE_1)))
787 << "Should fail on null input";
788}
789
790TEST_F(KeymasterTest, VerifyData_RSA_NullSignature_Failure) {
791 uint8_t* key_blob;
792 size_t key_blob_length;
793
794 ASSERT_EQ(0,
795 sDevice->import_keypair(sDevice, TEST_SIGN_KEY_1, sizeof(TEST_SIGN_KEY_1),
796 &key_blob, &key_blob_length))
797 << "Should successfully import an RSA key";
798 UniqueKey key(&sDevice, key_blob, key_blob_length);
799
800 keymaster_rsa_sign_params_t params = {
801 digest_type: DIGEST_NONE,
802 padding_type: PADDING_NONE,
803 };
804
805 EXPECT_EQ(-1,
806 sDevice->verify_data(sDevice, &params, key.get(), key.length(),
807 TEST_SIGN_DATA_1, sizeof(TEST_SIGN_DATA_1),
808 NULL, 0))
809 << "Should fail on null signature";
810}
811
Kenny Root8ae65e72012-03-23 16:17:28 -0700[diff] [blame]812TEST_F(KeymasterTest, EraseAll_Success) {
813 uint8_t *key1_blob, *key2_blob;
814 size_t key1_blob_length, key2_blob_length;
815
816 // Only test this if the device says it supports delete_all
817 if (sDevice->delete_all == NULL) {
818 return;
819 }
820
821 ASSERT_EQ(0,
822 sDevice->import_keypair(sDevice, TEST_SIGN_KEY_1, sizeof(TEST_SIGN_KEY_1),
823 &key1_blob, &key1_blob_length))
824 << "Should successfully import an RSA key";
825 UniqueKey key1(&sDevice, key1_blob, key1_blob_length);
826
827 ASSERT_EQ(0,
828 sDevice->import_keypair(sDevice, TEST_KEY_1, sizeof(TEST_KEY_1),
829 &key2_blob, &key2_blob_length))
830 << "Should successfully import an RSA key";
831 UniqueKey key2(&sDevice, key2_blob, key2_blob_length);
832
833 EXPECT_EQ(0, sDevice->delete_all(sDevice))
834 << "Should erase all keys";
835
836 key1.reset();
837
838 uint8_t* x509_data;
839 size_t x509_data_length;
840 ASSERT_EQ(-1,
841 sDevice->get_keypair_public(sDevice, key1_blob, key1_blob_length,
842 &x509_data, &x509_data_length))
843 << "Should be able to retrieve RSA public key 1 successfully";
844
845 ASSERT_EQ(-1,
846 sDevice->get_keypair_public(sDevice, key2_blob, key2_blob_length,
847 &x509_data, &x509_data_length))
848 << "Should be able to retrieve RSA public key 2 successfully";
849}
850
Kenny Root4fd0db72012-03-16 13:19:07 -0700[diff] [blame]851}