Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / 6e0f462354749e16f90a0a1e0abee24178d19580 / . / keystore2 / tests / ffi_test_utils.cpp
blob: 45ce02c2a96109deba21db5cd919b25c6d3eb8ec [file] [log] [blame]
Rajesh Nyamagoud4d483372022-02-09 01:38:23 +0000[diff] [blame]1#include "ffi_test_utils.hpp"
2
3#include <iostream>
4
5#include <KeyMintAidlTestBase.h>
6#include <aidl/android/hardware/security/keymint/ErrorCode.h>
Rajesh Nyamagoudc946cc42022-04-12 22:49:11 +0000[diff] [blame]7#include <keymaster/UniquePtr.h>
Rajesh Nyamagoud4d483372022-02-09 01:38:23 +0000[diff] [blame]8
Rajesh Nyamagoudc946cc42022-04-12 22:49:11 +0000[diff] [blame]9#include <memory>
Rajesh Nyamagoud4d483372022-02-09 01:38:23 +0000[diff] [blame]10#include <vector>
11
Rajesh Nyamagoudc946cc42022-04-12 22:49:11 +0000[diff] [blame]12#include <hardware/keymaster_defs.h>
13#include <keymaster/android_keymaster_utils.h>
14#include <keymaster/keymaster_tags.h>
15
16#include <keymaster/km_openssl/attestation_record.h>
17#include <keymaster/km_openssl/openssl_err.h>
18#include <keymaster/km_openssl/openssl_utils.h>
19#include <openssl/asn1t.h>
20
Rajesh Nyamagoud4d483372022-02-09 01:38:23 +0000[diff] [blame]21using aidl::android::hardware::security::keymint::ErrorCode;
22
23#define TAG_SEQUENCE 0x30
24#define LENGTH_MASK 0x80
25#define LENGTH_VALUE_MASK 0x7F
26
Rajesh Nyamagoudc946cc42022-04-12 22:49:11 +0000[diff] [blame]27/**
28 * ASN.1 structure for `KeyDescription` Schema.
29 * See `IKeyMintDevice.aidl` for documentation of the `KeyDescription` schema.
30 * KeyDescription ::= SEQUENCE(
31 * keyFormat INTEGER, # Values from KeyFormat enum.
32 * keyParams AuthorizationList,
33 * )
34 */
35typedef struct key_description {
36 ASN1_INTEGER* key_format;
37 keymaster::KM_AUTH_LIST* key_params;
38} TEST_KEY_DESCRIPTION;
39
40ASN1_SEQUENCE(TEST_KEY_DESCRIPTION) = {
41 ASN1_SIMPLE(TEST_KEY_DESCRIPTION, key_format, ASN1_INTEGER),
42 ASN1_SIMPLE(TEST_KEY_DESCRIPTION, key_params, keymaster::KM_AUTH_LIST),
43} ASN1_SEQUENCE_END(TEST_KEY_DESCRIPTION);
44DECLARE_ASN1_FUNCTIONS(TEST_KEY_DESCRIPTION);
45
46/**
47 * ASN.1 structure for `SecureKeyWrapper` Schema.
48 * See `IKeyMintDevice.aidl` for documentation of the `SecureKeyWrapper` schema.
49 * SecureKeyWrapper ::= SEQUENCE(
50 * version INTEGER, # Contains value 0
51 * encryptedTransportKey OCTET_STRING,
52 * initializationVector OCTET_STRING,
53 * keyDescription KeyDescription,
54 * encryptedKey OCTET_STRING,
55 * tag OCTET_STRING
56 * )
57 */
58typedef struct secure_key_wrapper {
59 ASN1_INTEGER* version;
60 ASN1_OCTET_STRING* encrypted_transport_key;
61 ASN1_OCTET_STRING* initialization_vector;
62 TEST_KEY_DESCRIPTION* key_desc;
63 ASN1_OCTET_STRING* encrypted_key;
64 ASN1_OCTET_STRING* tag;
65} TEST_SECURE_KEY_WRAPPER;
66
67ASN1_SEQUENCE(TEST_SECURE_KEY_WRAPPER) = {
68 ASN1_SIMPLE(TEST_SECURE_KEY_WRAPPER, version, ASN1_INTEGER),
69 ASN1_SIMPLE(TEST_SECURE_KEY_WRAPPER, encrypted_transport_key, ASN1_OCTET_STRING),
70 ASN1_SIMPLE(TEST_SECURE_KEY_WRAPPER, initialization_vector, ASN1_OCTET_STRING),
71 ASN1_SIMPLE(TEST_SECURE_KEY_WRAPPER, key_desc, TEST_KEY_DESCRIPTION),
72 ASN1_SIMPLE(TEST_SECURE_KEY_WRAPPER, encrypted_key, ASN1_OCTET_STRING),
73 ASN1_SIMPLE(TEST_SECURE_KEY_WRAPPER, tag, ASN1_OCTET_STRING),
74} ASN1_SEQUENCE_END(TEST_SECURE_KEY_WRAPPER);
75DECLARE_ASN1_FUNCTIONS(TEST_SECURE_KEY_WRAPPER);
76
77IMPLEMENT_ASN1_FUNCTIONS(TEST_SECURE_KEY_WRAPPER);
78IMPLEMENT_ASN1_FUNCTIONS(TEST_KEY_DESCRIPTION);
79
80struct TEST_KEY_DESCRIPTION_Delete {
81 void operator()(TEST_KEY_DESCRIPTION* p) { TEST_KEY_DESCRIPTION_free(p); }
82};
83struct TEST_SECURE_KEY_WRAPPER_Delete {
84 void operator()(TEST_SECURE_KEY_WRAPPER* p) { TEST_SECURE_KEY_WRAPPER_free(p); }
85};
86
Rajesh Nyamagoud4d483372022-02-09 01:38:23 +0000[diff] [blame]87/* This function extracts a certificate from the certs_chain_buffer at the given
88 * offset. Each DER encoded certificate starts with TAG_SEQUENCE followed by the
89 * total length of the certificate. The length of the certificate is determined
90 * as per ASN.1 encoding rules for the length octets.
91 *
92 * @param certs_chain_buffer: buffer containing DER encoded X.509 certificates
93 * arranged sequentially.
94 * @data_size: Length of the DER encoded X.509 certificates buffer.
95 * @index: DER encoded X.509 certificates buffer offset.
96 * @cert: Encoded certificate to be extracted from buffer as outcome.
97 * @return: ErrorCode::OK on success, otherwise ErrorCode::UNKNOWN_ERROR.
98 */
99ErrorCode
100extractCertFromCertChainBuffer(uint8_t* certs_chain_buffer, int certs_chain_buffer_size, int& index,
101 aidl::android::hardware::security::keymint::Certificate& cert) {
102 if (index >= certs_chain_buffer_size) {
103 return ErrorCode::UNKNOWN_ERROR;
104 }
105
106 uint32_t length = 0;
107 std::vector<uint8_t> cert_bytes;
108 if (certs_chain_buffer[index] == TAG_SEQUENCE) {
109 // Short form. One octet. Bit 8 has value "0" and bits 7-1 give the length.
110 if (0 == (certs_chain_buffer[index + 1] & LENGTH_MASK)) {
111 length = (uint32_t)certs_chain_buffer[index];
112 // Add SEQ and Length fields
113 length += 2;
114 } else {
115 // Long form. Two to 127 octets. Bit 8 of first octet has value "1" and
116 // bits 7-1 give the number of additional length octets. Second and following
117 // octets give the actual length.
118 int additionalBytes = certs_chain_buffer[index + 1] & LENGTH_VALUE_MASK;
119 if (additionalBytes == 0x01) {
120 length = certs_chain_buffer[index + 2];
121 // Add SEQ and Length fields
122 length += 3;
123 } else if (additionalBytes == 0x02) {
124 length = (certs_chain_buffer[index + 2] << 8 | certs_chain_buffer[index + 3]);
125 // Add SEQ and Length fields
126 length += 4;
127 } else if (additionalBytes == 0x04) {
128 length = certs_chain_buffer[index + 2] << 24;
129 length |= certs_chain_buffer[index + 3] << 16;
130 length |= certs_chain_buffer[index + 4] << 8;
131 length |= certs_chain_buffer[index + 5];
132 // Add SEQ and Length fields
133 length += 6;
134 } else {
135 // Length is larger than uint32_t max limit.
136 return ErrorCode::UNKNOWN_ERROR;
137 }
138 }
139 cert_bytes.insert(cert_bytes.end(), (certs_chain_buffer + index),
140 (certs_chain_buffer + index + length));
141 index += length;
142
143 for (int i = 0; i < cert_bytes.size(); i++) {
144 cert.encodedCertificate = std::move(cert_bytes);
145 }
146 } else {
147 // SEQUENCE TAG MISSING.
148 return ErrorCode::UNKNOWN_ERROR;
149 }
150
151 return ErrorCode::OK;
152}
153
154ErrorCode getCertificateChain(
155 rust::Vec<rust::u8>& chainBuffer,
156 std::vector<aidl::android::hardware::security::keymint::Certificate>& certChain) {
157 uint8_t* data = chainBuffer.data();
158 int index = 0;
159 int data_size = chainBuffer.size();
160
161 while (index < data_size) {
162 aidl::android::hardware::security::keymint::Certificate cert =
163 aidl::android::hardware::security::keymint::Certificate();
164 if (extractCertFromCertChainBuffer(data, data_size, index, cert) != ErrorCode::OK) {
165 return ErrorCode::UNKNOWN_ERROR;
166 }
167 certChain.push_back(std::move(cert));
168 }
169 return ErrorCode::OK;
170}
171
172bool validateCertChain(rust::Vec<rust::u8> cert_buf, uint32_t cert_len, bool strict_issuer_check) {
173 std::vector<aidl::android::hardware::security::keymint::Certificate> cert_chain =
174 std::vector<aidl::android::hardware::security::keymint::Certificate>();
175 if (cert_len <= 0) {
176 return false;
177 }
178 if (getCertificateChain(cert_buf, cert_chain) != ErrorCode::OK) {
179 return false;
180 }
181
182 for (int i = 0; i < cert_chain.size(); i++) {
183 std::cout << cert_chain[i].toString() << "\n";
184 }
185 auto result = aidl::android::hardware::security::keymint::test::ChainSignaturesAreValid(
186 cert_chain, strict_issuer_check);
187
188 if (result == testing::AssertionSuccess()) return true;
189
190 return false;
191}
Rajesh Nyamagoudc946cc42022-04-12 22:49:11 +0000[diff] [blame]192
193/**
194 * Below mentioned key parameters are used to create authorization list of
195 * secure key.
196 * Algorithm: AES-256
197 * Padding: PKCS7
198 * Blockmode: ECB
199 * Purpose: Encrypt, Decrypt
200 */
201keymaster::AuthorizationSet build_wrapped_key_auth_list() {
202 return keymaster::AuthorizationSet(keymaster::AuthorizationSetBuilder()
203 .AesEncryptionKey(256)
204 .Authorization(keymaster::TAG_BLOCK_MODE, KM_MODE_ECB)
205 .Authorization(keymaster::TAG_PADDING, KM_PAD_PKCS7)
206 .Authorization(keymaster::TAG_NO_AUTH_REQUIRED));
207}
208
209/**
210 * Creates ASN.1 DER-encoded data corresponding to `KeyDescription` schema as
211 * AAD. See `IKeyMintDevice.aidl` for documentation of the `KeyDescription` schema.
212 */
213CxxResult buildAsn1DerEncodedWrappedKeyDescription() {
214 CxxResult cxx_result{};
215 keymaster_error_t error;
216 cxx_result.error = KM_ERROR_OK;
217
218 keymaster::UniquePtr<TEST_KEY_DESCRIPTION, TEST_KEY_DESCRIPTION_Delete> key_description(
219 TEST_KEY_DESCRIPTION_new());
220 if (!key_description.get()) {
221 cxx_result.error = KM_ERROR_MEMORY_ALLOCATION_FAILED;
222 return cxx_result;
223 }
224
225 // Fill secure key authorizations.
226 keymaster::AuthorizationSet auth_list = build_wrapped_key_auth_list();
227 error = build_auth_list(auth_list, key_description->key_params);
228 if (error != KM_ERROR_OK) {
229 cxx_result.error = error;
230 return cxx_result;
231 }
232
233 // Fill secure key format.
234 if (!ASN1_INTEGER_set(key_description->key_format, KM_KEY_FORMAT_RAW)) {
235 cxx_result.error = keymaster::TranslateLastOpenSslError();
236 return cxx_result;
237 }
238
239 // Perform ASN.1 DER encoding of KeyDescription.
240 size_t asn1_data_len = i2d_TEST_KEY_DESCRIPTION(key_description.get(), nullptr);
241 if (asn1_data_len < 0) {
242 cxx_result.error = keymaster::TranslateLastOpenSslError();
243 return cxx_result;
244 }
245 std::vector<uint8_t> asn1_data(asn1_data_len, 0);
246
247 if (!asn1_data.data()) {
248 cxx_result.error = KM_ERROR_MEMORY_ALLOCATION_FAILED;
249 return cxx_result;
250 }
251
252 uint8_t* p = asn1_data.data();
253 asn1_data_len = i2d_TEST_KEY_DESCRIPTION(key_description.get(), &p);
254 if (asn1_data_len < 0) {
255 cxx_result.error = keymaster::TranslateLastOpenSslError();
256 return cxx_result;
257 }
258
259 std::move(asn1_data.begin(), asn1_data.end(), std::back_inserter(cxx_result.data));
260
261 return cxx_result;
262}
263
264/**
265 * Creates wrapped key material to import in ASN.1 DER-encoded data corresponding to
266 * `SecureKeyWrapper` schema. See `IKeyMintDevice.aidl` for documentation of the `SecureKeyWrapper`
267 * schema.
268 */
269CxxResult createWrappedKey(rust::Vec<rust::u8> encrypted_secure_key,
270 rust::Vec<rust::u8> encrypted_transport_key, rust::Vec<rust::u8> iv,
271 rust::Vec<rust::u8> tag) {
272 CxxResult cxx_result{};
273 keymaster_error_t error;
274 cxx_result.error = KM_ERROR_OK;
275
276 uint8_t* enc_secure_key_data = encrypted_secure_key.data();
277 int enc_secure_key_size = encrypted_secure_key.size();
278
279 uint8_t* iv_data = iv.data();
280 int iv_size = iv.size();
281
282 uint8_t* tag_data = tag.data();
283 int tag_size = tag.size();
284
285 uint8_t* enc_transport_key_data = encrypted_transport_key.data();
286 int enc_transport_key_size = encrypted_transport_key.size();
287
288 keymaster::UniquePtr<TEST_SECURE_KEY_WRAPPER, TEST_SECURE_KEY_WRAPPER_Delete> sec_key_wrapper(
289 TEST_SECURE_KEY_WRAPPER_new());
290 if (!sec_key_wrapper.get()) {
291 cxx_result.error = KM_ERROR_MEMORY_ALLOCATION_FAILED;
292 return cxx_result;
293 }
294
295 // Fill version = 0
296 if (!ASN1_INTEGER_set(sec_key_wrapper->version, 0)) {
297 cxx_result.error = keymaster::TranslateLastOpenSslError();
298 return cxx_result;
299 }
300
301 // Fill encrypted transport key.
302 if (enc_transport_key_size &&
303 !ASN1_OCTET_STRING_set(sec_key_wrapper->encrypted_transport_key, enc_transport_key_data,
304 enc_transport_key_size)) {
305 cxx_result.error = keymaster::TranslateLastOpenSslError();
306 return cxx_result;
307 }
308
309 // Fill encrypted secure key.
310 if (enc_secure_key_size && !ASN1_OCTET_STRING_set(sec_key_wrapper->encrypted_key,
311 enc_secure_key_data, enc_secure_key_size)) {
312 cxx_result.error = keymaster::TranslateLastOpenSslError();
313 return cxx_result;
314 }
315
316 // Fill secure key authorization list.
317 keymaster::AuthorizationSet auth_list = build_wrapped_key_auth_list();
318 error = build_auth_list(auth_list, sec_key_wrapper->key_desc->key_params);
319 if (error != KM_ERROR_OK) {
320 cxx_result.error = error;
321 return cxx_result;
322 }
323
324 // Fill secure key format.
325 if (!ASN1_INTEGER_set(sec_key_wrapper->key_desc->key_format, KM_KEY_FORMAT_RAW)) {
326 cxx_result.error = keymaster::TranslateLastOpenSslError();
327 return cxx_result;
328 }
329
330 // Fill initialization vector used for encrypting secure key.
331 if (iv_size &&
332 !ASN1_OCTET_STRING_set(sec_key_wrapper->initialization_vector, iv_data, iv_size)) {
333 cxx_result.error = keymaster::TranslateLastOpenSslError();
334 return cxx_result;
335 }
336
337 // Fill GCM-tag, extracted during secure key encryption.
338 if (tag_size && !ASN1_OCTET_STRING_set(sec_key_wrapper->tag, tag_data, tag_size)) {
339 cxx_result.error = keymaster::TranslateLastOpenSslError();
340 return cxx_result;
341 }
342
343 // ASN.1 DER-encoding of secure key wrapper.
344 size_t asn1_data_len = i2d_TEST_SECURE_KEY_WRAPPER(sec_key_wrapper.get(), nullptr);
345 if (asn1_data_len < 0) {
346 cxx_result.error = keymaster::TranslateLastOpenSslError();
347 return cxx_result;
348 }
349 std::vector<uint8_t> asn1_data(asn1_data_len, 0);
350
351 if (!asn1_data.data()) {
352 cxx_result.error = KM_ERROR_MEMORY_ALLOCATION_FAILED;
353 return cxx_result;
354 }
355
356 uint8_t* p = asn1_data.data();
357 asn1_data_len = i2d_TEST_SECURE_KEY_WRAPPER(sec_key_wrapper.get(), &p);
358 if (asn1_data_len < 0) {
359 cxx_result.error = keymaster::TranslateLastOpenSslError();
360 return cxx_result;
361 }
362
363 std::move(asn1_data.begin(), asn1_data.end(), std::back_inserter(cxx_result.data));
364
365 return cxx_result;
366}