| Eran Messeri | 03fc4c8 | 2018-08-16 18:53:15 +0100 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2018 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | #include <gtest/gtest.h> |
| 18 | |
| 19 | #include <string> |
| 20 | #include <utils/String16.h> |
| 21 | |
| 22 | #include "../keystore_attestation_id.h" |
| 23 | #include <keymaster/logger.h> |
| 24 | |
| 25 | #include <keystore/KeyAttestationApplicationId.h> |
| 26 | #include <keystore/KeyAttestationPackageInfo.h> |
| 27 | #include <keystore/Signature.h> |
| 28 | |
| 29 | using ::android::String16; |
| 30 | using ::android::security::KEY_ATTESTATION_APPLICATION_ID_MAX_SIZE; |
| 31 | using ::android::security::keymaster::KeyAttestationApplicationId; |
| 32 | using ::android::security::keymaster::KeyAttestationPackageInfo; |
| 33 | using std::vector; |
| 34 | |
| 35 | namespace keystore { |
| 36 | |
| 37 | namespace test { |
| 38 | |
| 39 | namespace { |
| 40 | |
| 41 | constexpr const char* kDummyPackageName = "DummyPackage"; |
| 42 | |
| 43 | constexpr const char* kLongPackageName = |
| 44 | "a.long.package.name" |
| 45 | "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" |
| 46 | "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" |
| 47 | "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" |
| 48 | "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" |
| 49 | "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" |
| 50 | "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" |
| 51 | "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" |
| 52 | "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" |
| 53 | "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" |
| 54 | "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" |
| 55 | "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" |
| 56 | "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"; |
| 57 | |
| 58 | constexpr const char* kReasonablePackageName = |
| 59 | "a.reasonable.length.package.name" |
| 60 | "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" |
| 61 | "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" |
| 62 | "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" |
| 63 | "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"; |
| 64 | |
| 65 | constexpr const size_t kTooManyPackages = 4; |
| 66 | |
| 67 | // Signatures should be 32 bytes |
| 68 | constexpr const uint8_t kDummySignature[32] = { |
| 69 | 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, |
| 70 | 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f}; |
| 71 | constexpr const size_t kTooManySignatures = 35; |
| 72 | |
| 73 | } // namespace |
| 74 | |
| 75 | using ::android::content::pm::Signature; |
| 76 | using ::android::security::build_attestation_application_id; |
| 77 | |
| 78 | std::unique_ptr<KeyAttestationPackageInfo> |
| 79 | make_package_info_with_signatures(const char* package_name, |
| 80 | KeyAttestationPackageInfo::SignaturesVector signatures) { |
| 81 | return std::make_unique<KeyAttestationPackageInfo>( |
| 82 | String16(package_name), 1 /* version code */, |
| 83 | std::make_shared<KeyAttestationPackageInfo::SignaturesVector>(std::move(signatures))); |
| 84 | } |
| 85 | |
| 86 | std::unique_ptr<KeyAttestationPackageInfo> make_package_info(const char* package_name) { |
| 87 | return make_package_info_with_signatures(package_name, |
| 88 | KeyAttestationPackageInfo::SignaturesVector()); |
| 89 | } |
| 90 | |
| 91 | TEST(AaidTruncationTest, shortPackageInfoTest) { |
| 92 | KeyAttestationApplicationId app_id(make_package_info(kDummyPackageName)); |
| 93 | |
| 94 | auto result = build_attestation_application_id(app_id); |
| 95 | ASSERT_TRUE(result.isOk()); |
| 96 | std::vector<uint8_t>& encoded_app_id = result; |
| 97 | ASSERT_LT(encoded_app_id.size(), KEY_ATTESTATION_APPLICATION_ID_MAX_SIZE); |
| 98 | } |
| 99 | |
| 100 | TEST(AaidTruncationTest, tooLongPackageNameTest) { |
| 101 | KeyAttestationApplicationId app_id(make_package_info(kLongPackageName)); |
| 102 | |
| 103 | auto result = build_attestation_application_id(app_id); |
| 104 | ASSERT_TRUE(result.isOk()); |
| 105 | std::vector<uint8_t>& encoded_app_id = result; |
| 106 | ASSERT_LT(encoded_app_id.size(), KEY_ATTESTATION_APPLICATION_ID_MAX_SIZE); |
| 107 | } |
| 108 | |
| 109 | TEST(AaidTruncationTest, tooManySignaturesTest) { |
| 110 | std::vector<uint8_t> dummy_sig_data(kDummySignature, kDummySignature + 32); |
| 111 | KeyAttestationPackageInfo::SignaturesVector signatures; |
| 112 | // Add 35 signatures which will surely exceed the 1K limit. |
| 113 | for (size_t i = 0; i < kTooManySignatures; ++i) { |
| 114 | signatures.push_back(std::make_unique<Signature>(dummy_sig_data)); |
| 115 | } |
| 116 | |
| 117 | KeyAttestationApplicationId app_id( |
| 118 | make_package_info_with_signatures(kDummyPackageName, std::move(signatures))); |
| 119 | |
| 120 | auto result = build_attestation_application_id(app_id); |
| 121 | ASSERT_TRUE(result.isOk()); |
| 122 | std::vector<uint8_t>& encoded_app_id = result; |
| 123 | ASSERT_LT(encoded_app_id.size(), KEY_ATTESTATION_APPLICATION_ID_MAX_SIZE); |
| 124 | } |
| 125 | |
| 126 | TEST(AaidTruncationTest, combinedPackagesAndSignaturesTest) { |
| 127 | std::vector<uint8_t> dummy_sig_data(kDummySignature, kDummySignature + 32); |
| 128 | KeyAttestationApplicationId::PackageInfoVector packages; |
| 129 | |
| 130 | for (size_t i = 0; i < kTooManyPackages; ++i) { |
| 131 | KeyAttestationPackageInfo::SignaturesVector signatures; |
| 132 | // Add a few signatures for each package |
| 133 | for (int j = 0; j < 3; ++j) { |
| 134 | signatures.push_back(std::make_unique<Signature>(dummy_sig_data)); |
| 135 | } |
| 136 | packages.push_back( |
| 137 | make_package_info_with_signatures(kReasonablePackageName, std::move(signatures))); |
| 138 | } |
| 139 | |
| 140 | KeyAttestationApplicationId app_id(std::move(packages)); |
| 141 | auto result = build_attestation_application_id(app_id); |
| 142 | ASSERT_TRUE(result.isOk()); |
| 143 | std::vector<uint8_t>& encoded_app_id = result; |
| 144 | ASSERT_LT(encoded_app_id.size(), KEY_ATTESTATION_APPLICATION_ID_MAX_SIZE); |
| 145 | } |
| 146 | |
| 147 | } // namespace test |
| 148 | } // namespace keystore |