1 /*############################################################################ 2 # Copyright 2016-2017 Intel Corporation 3 # 4 # Licensed under the Apache License, Version 2.0 (the "License"); 5 # you may not use this file except in compliance with the License. 6 # You may obtain a copy of the License at 7 # 8 # http://www.apache.org/licenses/LICENSE-2.0 9 # 10 # Unless required by applicable law or agreed to in writing, software 11 # distributed under the License is distributed on an "AS IS" BASIS, 12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 # See the License for the specific language governing permissions and 14 # limitations under the License. 15 ############################################################################*/ 16 17 /*! 18 * \file 19 * \brief Member unit tests. 20 */ 21 #include <cstring> 22 #include <vector> 23 24 #include "epid/common-testhelper/epid_gtest-testhelper.h" 25 #include "gtest/gtest.h" 26 27 #include "epid/common-testhelper/epid2params_wrapper-testhelper.h" 28 #include "epid/common-testhelper/errors-testhelper.h" 29 #include "epid/common-testhelper/mem_params-testhelper.h" 30 #include "epid/common-testhelper/prng-testhelper.h" 31 #include "epid/member/tpm2/unittests/tpm2-testhelper.h" 32 #include "epid/member/unittests/member-testhelper.h" 33 34 extern "C" { 35 #include "epid/member/api.h" 36 #include "epid/member/src/context.h" 37 #include "epid/member/src/storage.h" 38 #include "epid/member/src/write_precomp.h" 39 #include "epid/member/tpm2/nv.h" 40 } 41 bool operator==(MemberPrecomp const& lhs, MemberPrecomp const& rhs) { 42 return 0 == std::memcmp(&lhs, &rhs, sizeof(lhs)); 43 } 44 /// compares GroupPubKey values 45 bool operator==(GroupPubKey const& lhs, GroupPubKey const& rhs); 46 47 /// compares MembershipCredential values 48 bool operator==(MembershipCredential const& lhs, 49 MembershipCredential const& rhs); 50 namespace { 51 ////////////////////////////////////////////////////////////////////////// 52 // EpidMemberDeinit Tests 53 TEST_F(EpidMemberTest, DeinitWorksGivenNullMemberCtx) { 54 EpidMemberDeinit(nullptr); 55 } 56 57 ////////////////////////////////////////////////////////////////////////// 58 // EpidMemberGetSize Tests 59 TEST_F(EpidMemberTest, GetSizeFailsGivenNullParams) { 60 size_t ctx_size = 0; 61 MemberParams params = {0}; 62 EXPECT_EQ(kEpidBadArgErr, EpidMemberGetSize(¶ms, nullptr)); 63 EXPECT_EQ(kEpidBadArgErr, EpidMemberGetSize(nullptr, &ctx_size)); 64 EXPECT_EQ(kEpidBadArgErr, EpidMemberGetSize(nullptr, nullptr)); 65 } 66 67 ////////////////////////////////////////////////////////////////////////// 68 // EpidMemberGetSize Tests 69 TEST_F(EpidMemberTest, GetSizeWorksGivenValidParams) { 70 size_t ctx_size = 0; 71 Prng my_prng; 72 MemberParams params = {0}; 73 SetMemberParams(&Prng::Generate, &my_prng, nullptr, ¶ms); 74 EXPECT_EQ(kEpidNoErr, EpidMemberGetSize(¶ms, &ctx_size)); 75 } 76 77 ////////////////////////////////////////////////////////////////////////// 78 // EpidMemberInit Tests 79 TEST_F(EpidMemberTest, InitFailsGivenNullParameters) { 80 size_t ctx_size = 0; 81 MemberCtx* ctx = nullptr; 82 Prng my_prng; 83 MemberParams params = {0}; 84 std::vector<uint8_t> ctx_buf; 85 SetMemberParams(&Prng::Generate, &my_prng, nullptr, ¶ms); 86 EXPECT_EQ(kEpidNoErr, EpidMemberGetSize(¶ms, &ctx_size)); 87 ctx_buf.resize(ctx_size); 88 ctx = (MemberCtx*)&ctx_buf[0]; 89 90 EXPECT_EQ(kEpidBadArgErr, EpidMemberInit(nullptr, nullptr)); 91 EXPECT_EQ(kEpidBadArgErr, EpidMemberInit(¶ms, nullptr)); 92 EXPECT_EQ(kEpidBadArgErr, EpidMemberInit(nullptr, ctx)); 93 } 94 95 TEST_F(EpidMemberTest, InitFailsGivenInvalidParameters) { 96 FpElemStr f = { 97 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 98 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 99 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 100 }; 101 size_t ctx_size = 0; 102 MemberCtx* ctx = nullptr; 103 Prng my_prng; 104 MemberParams params = {0}; 105 std::vector<uint8_t> ctx_buf; 106 SetMemberParams(&Prng::Generate, &my_prng, &f, ¶ms); 107 EXPECT_EQ(kEpidNoErr, EpidMemberGetSize(¶ms, &ctx_size)); 108 ctx_buf.resize(ctx_size); 109 ctx = (MemberCtx*)&ctx_buf[0]; 110 111 EXPECT_EQ(kEpidBadArgErr, EpidMemberInit(¶ms, ctx)); 112 } 113 114 TEST_F(EpidMemberTest, InitSucceedsGivenValidParameters) { 115 FpElemStr f = { 116 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 117 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 118 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 119 }; 120 size_t ctx_size = 0; 121 MemberCtx* ctx = nullptr; 122 Prng my_prng; 123 MemberParams params = {0}; 124 std::vector<uint8_t> ctx_buf; 125 SetMemberParams(&Prng::Generate, &my_prng, &f, ¶ms); 126 EXPECT_EQ(kEpidNoErr, EpidMemberGetSize(¶ms, &ctx_size)); 127 ctx_buf.resize(ctx_size); 128 ctx = (MemberCtx*)&ctx_buf[0]; 129 130 EXPECT_EQ(kEpidNoErr, EpidMemberInit(¶ms, ctx)); 131 EpidMemberDeinit(ctx); 132 } 133 134 TEST_F(EpidMemberTest, InitSucceedsGivenValidParametersWithNoF) { 135 size_t ctx_size = 0; 136 MemberCtx* ctx = nullptr; 137 Prng my_prng; 138 MemberParams params = {0}; 139 std::vector<uint8_t> ctx_buf; 140 SetMemberParams(&Prng::Generate, &my_prng, nullptr, ¶ms); 141 EXPECT_EQ(kEpidNoErr, EpidMemberGetSize(¶ms, &ctx_size)); 142 ctx_buf.resize(ctx_size); 143 ctx = (MemberCtx*)&ctx_buf[0]; 144 145 EXPECT_EQ(kEpidNoErr, EpidMemberInit(¶ms, ctx)); 146 EpidMemberDeinit(ctx); 147 } 148 149 ////////////////////////////////////////////////////////////////////////// 150 // EpidMemberDelete Tests 151 TEST_F(EpidMemberTest, DeleteWorksGivenNullMemberCtx) { 152 EpidMemberDelete(nullptr); 153 MemberCtx* member_ctx = nullptr; 154 EpidMemberDelete(&member_ctx); 155 } 156 TEST_F(EpidMemberTest, DeleteNullsMemberCtx) { 157 MemberCtx* ctx = nullptr; 158 Prng my_prng; 159 MemberParams params = {0}; 160 SetMemberParams(&Prng::Generate, &my_prng, nullptr, ¶ms); 161 THROW_ON_EPIDERR(EpidMemberCreate(¶ms, &ctx)); 162 EpidMemberDelete(&ctx); 163 EXPECT_EQ(nullptr, ctx); 164 } 165 166 ////////////////////////////////////////////////////////////////////////// 167 // EpidMemberCreate Tests 168 // test that create fails if any mandatory parameters are NULL 169 TEST_F(EpidMemberTest, CreateFailsGivenNullParameters) { 170 MemberCtx* ctx = nullptr; 171 Prng my_prng; 172 MemberParams params = {0}; 173 EXPECT_EQ(kEpidBadArgErr, EpidMemberCreate(nullptr, &ctx)); 174 175 SetMemberParams(&Prng::Generate, &my_prng, nullptr, ¶ms); 176 EXPECT_EQ(kEpidBadArgErr, EpidMemberCreate(¶ms, nullptr)); 177 178 SetMemberParams(nullptr, &my_prng, nullptr, ¶ms); 179 EXPECT_EQ(kEpidBadArgErr, EpidMemberCreate(¶ms, nullptr)); 180 } 181 182 TEST_F(EpidMemberTest, CreateFailsGivenInvalidParameters) { 183 MemberCtx* ctx = nullptr; 184 Prng my_prng; 185 MemberParams params = {0}; 186 FpElemStr f = { 187 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 188 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 189 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 190 }; 191 SetMemberParams(&Prng::Generate, &my_prng, &f, ¶ms); 192 EXPECT_EQ(kEpidBadArgErr, EpidMemberCreate(¶ms, &ctx)); 193 EpidMemberDelete(&ctx); 194 } 195 196 TEST_F(EpidMemberTest, CreateSucceedsGivenValidParameters) { 197 MemberCtx* ctx = nullptr; 198 Prng my_prng; 199 MemberParams params = {0}; 200 SetMemberParams(&Prng::Generate, &my_prng, nullptr, ¶ms); 201 EXPECT_EQ(kEpidNoErr, EpidMemberCreate(¶ms, &ctx)); 202 EpidMemberDelete(&ctx); 203 } 204 205 ////////////////////////////////////////////////////////////////////////// 206 // EpidMemberStartup 207 TEST_F(EpidMemberTest, StartupFailsGivenNullParameters) { 208 EXPECT_EQ(kEpidBadArgErr, EpidMemberStartup(nullptr)); 209 } 210 211 TEST_F(EpidMemberTest, StartupSucceedsGivenValidParameters) { 212 Prng prng; 213 GroupPubKey pub_key = this->kGroupPublicKey; 214 PrivKey priv_key = this->kMemberPrivateKey; 215 MemberParams params = {0}; 216 SetMemberParams(&Prng::Generate, &prng, nullptr, ¶ms); 217 MemberCtxObj member(¶ms); 218 EXPECT_EQ(kEpidNoErr, EpidProvisionKey(member, &pub_key, &priv_key, nullptr)); 219 MembershipCredential credential_expected = ((MemberCtx*)member)->credential; 220 // reset member credential to test if startup reads them from NV memory 221 // correctly 222 ((MemberCtx*)member)->pub_key = {0}; 223 ((MemberCtx*)member)->credential = {0}; 224 EXPECT_EQ(kEpidNoErr, EpidMemberStartup(member)); 225 EXPECT_EQ(pub_key, ((MemberCtx*)member)->pub_key); 226 EXPECT_EQ(credential_expected, ((MemberCtx*)member)->credential); 227 } 228 229 ////////////////////////////////////////////////////////////////////////// 230 // EpidMemberSetHashAlg 231 TEST_F(EpidMemberTest, SetHashAlgFailsGivenNullPtr) { 232 EXPECT_EQ(kEpidBadArgErr, EpidMemberSetHashAlg(nullptr, kSha256)); 233 } 234 TEST_F(EpidMemberTest, CanSetHashAlgoToSHA256) { 235 Prng my_prng; 236 MemberCtxObj member_ctx(&Prng::Generate, &my_prng); 237 EXPECT_EQ(kEpidNoErr, EpidMemberSetHashAlg(member_ctx, kSha256)); 238 } 239 TEST_F(EpidMemberTest, CanSetHashAlgoToSHA384) { 240 Prng my_prng; 241 MemberCtxObj member_ctx(&Prng::Generate, &my_prng); 242 EXPECT_EQ(kEpidNoErr, EpidMemberSetHashAlg(member_ctx, kSha384)); 243 } 244 TEST_F(EpidMemberTest, CanSetHashAlgoToSHA512) { 245 Prng my_prng; 246 MemberCtxObj member_ctx(&Prng::Generate, &my_prng); 247 EXPECT_EQ(kEpidNoErr, EpidMemberSetHashAlg(member_ctx, kSha512)); 248 } 249 TEST_F(EpidMemberTest, CanSetHashAlgoToSHA512256) { 250 Prng my_prng; 251 MemberCtxObj member_ctx(&Prng::Generate, &my_prng); 252 EXPECT_EQ(kEpidNoErr, EpidMemberSetHashAlg(member_ctx, kSha512_256)); 253 } 254 TEST_F(EpidMemberTest, SetHashAlgFailsForNonSupportedAlgorithm) { 255 Prng my_prng; 256 MemberCtxObj member_ctx(&Prng::Generate, &my_prng); 257 EXPECT_EQ(kEpidBadArgErr, EpidMemberSetHashAlg(member_ctx, kSha3_256)); 258 EXPECT_EQ(kEpidBadArgErr, EpidMemberSetHashAlg(member_ctx, kSha3_384)); 259 EXPECT_EQ(kEpidBadArgErr, EpidMemberSetHashAlg(member_ctx, kSha3_512)); 260 EXPECT_EQ(kEpidBadArgErr, EpidMemberSetHashAlg(member_ctx, (HashAlg)-1)); 261 } 262 ////////////////////////////////////////////////////////////////////////// 263 // EpidMemberSetSigRl 264 TEST_F(EpidMemberTest, SetSigRlFailsGivenNullPointer) { 265 Prng my_prng; 266 MemberCtxObj member_ctx(this->kGroupPublicKey, this->kMemberPrivateKey, 267 &Prng::Generate, &my_prng); 268 SigRl srl = {{{0}}, {{0}}, {{0}}, {{{{0}, {0}}, {{0}, {0}}}}}; 269 srl.gid = this->kGroupPublicKey.gid; 270 EXPECT_EQ(kEpidBadArgErr, EpidMemberSetSigRl(nullptr, &srl, sizeof(SigRl))); 271 EXPECT_EQ(kEpidBadArgErr, 272 EpidMemberSetSigRl(member_ctx, nullptr, sizeof(SigRl))); 273 } 274 TEST_F(EpidMemberTest, SetSigRlFailsGivenZeroSize) { 275 Prng my_prng; 276 MemberCtxObj member_ctx(this->kGroupPublicKey, this->kMemberPrivateKey, 277 &Prng::Generate, &my_prng); 278 SigRl srl = {{{0}}, {{0}}, {{0}}, {{{{0}, {0}}, {{0}, {0}}}}}; 279 srl.gid = this->kGroupPublicKey.gid; 280 EXPECT_EQ(kEpidBadArgErr, EpidMemberSetSigRl(member_ctx, &srl, 0)); 281 } 282 // Size parameter must be at least big enough for n2 == 0 case 283 TEST_F(EpidMemberTest, SetSigRlFailsGivenTooSmallSize) { 284 Prng my_prng; 285 MemberCtxObj member_ctx(this->kGroupPublicKey, this->kMemberPrivateKey, 286 &Prng::Generate, &my_prng); 287 SigRl srl = {{{0}}, {{0}}, {{0}}, {{{{0}, {0}}, {{0}, {0}}}}}; 288 srl.gid = this->kGroupPublicKey.gid; 289 EXPECT_EQ( 290 kEpidBadArgErr, 291 EpidMemberSetSigRl(member_ctx, &srl, (sizeof(srl) - sizeof(srl.bk)) - 1)); 292 srl.n2 = this->kOctStr32_1; 293 EXPECT_EQ( 294 kEpidBadArgErr, 295 EpidMemberSetSigRl(member_ctx, &srl, (sizeof(srl) - sizeof(srl.bk)) - 1)); 296 } 297 TEST_F(EpidMemberTest, SetSigRlFailsGivenN2TooBigForSize) { 298 Prng my_prng; 299 MemberCtxObj member_ctx(this->kGroupPublicKey, this->kMemberPrivateKey, 300 &Prng::Generate, &my_prng); 301 SigRl srl = {{{0}}, {{0}}, {{0}}, {{{{0}, {0}}, {{0}, {0}}}}}; 302 srl.gid = this->kGroupPublicKey.gid; 303 srl.n2 = this->kOctStr32_1; 304 EXPECT_EQ(kEpidBadArgErr, 305 EpidMemberSetSigRl(member_ctx, &srl, sizeof(srl) - sizeof(srl.bk))); 306 } 307 TEST_F(EpidMemberTest, SetSigRlFailsGivenN2TooSmallForSize) { 308 Prng my_prng; 309 MemberCtxObj member_ctx(this->kGroupPublicKey, this->kMemberPrivateKey, 310 &Prng::Generate, &my_prng); 311 SigRl srl = {{{0}}, {{0}}, {{0}}, {{{{0}, {0}}, {{0}, {0}}}}}; 312 srl.gid = this->kGroupPublicKey.gid; 313 EXPECT_EQ(kEpidBadArgErr, EpidMemberSetSigRl(member_ctx, &srl, sizeof(srl))); 314 } 315 TEST_F(EpidMemberTest, SetSigRlFailsGivenBadGroupId) { 316 Prng my_prng; 317 MemberCtxObj member_ctx(this->kGroupPublicKey, this->kMemberPrivateKey, 318 &Prng::Generate, &my_prng); 319 SigRl srl = {{{0}}, {{0}}, {{0}}, {{{{0}, {0}}, {{0}, {0}}}}}; 320 srl.gid = this->kGroupPublicKey.gid; 321 srl.gid.data[0] = ~srl.gid.data[0]; 322 EXPECT_EQ(kEpidBadArgErr, 323 EpidMemberSetSigRl(member_ctx, &srl, sizeof(srl) - sizeof(srl.bk))); 324 } 325 TEST_F(EpidMemberTest, SetSigRlFailsGivenEmptySigRlFromDifferentGroup) { 326 Prng my_prng; 327 MemberCtxObj member_ctx(this->kGroupPublicKey, this->kMemberPrivateKey, 328 &Prng::Generate, &my_prng); 329 SigRl const* sig_rl = reinterpret_cast<SigRl const*>(this->kGrpXSigRl.data()); 330 size_t sig_rl_size = this->kGrpXSigRl.size(); 331 EXPECT_EQ(kEpidBadArgErr, 332 EpidMemberSetSigRl(member_ctx, sig_rl, sig_rl_size)); 333 } 334 TEST_F(EpidMemberTest, SetSigRlFailsGivenOldVersion) { 335 Prng my_prng; 336 MemberCtxObj member_ctx(this->kGroupPublicKey, this->kMemberPrivateKey, 337 &Prng::Generate, &my_prng); 338 SigRl srl = {{{0}}, {{0}}, {{0}}, {{{{0}, {0}}, {{0}, {0}}}}}; 339 srl.gid = this->kGroupPublicKey.gid; 340 srl.version = this->kOctStr32_1; 341 EXPECT_EQ(kEpidNoErr, 342 EpidMemberSetSigRl(member_ctx, &srl, sizeof(srl) - sizeof(srl.bk))); 343 OctStr32 octstr32_0 = {0x00, 0x00, 0x00, 0x00}; 344 srl.version = octstr32_0; 345 EXPECT_EQ(kEpidBadArgErr, 346 EpidMemberSetSigRl(member_ctx, &srl, sizeof(srl) - sizeof(srl.bk))); 347 } 348 TEST_F(EpidMemberTest, SetSigRlPreservesOldRlOnFailure) { 349 Prng my_prng; 350 MemberCtxObj member_ctx(this->kGrpXKey, this->kGrpXSigrevokedMember0PrivKey, 351 &Prng::Generate, &my_prng); 352 SigRl const* sig_rl = reinterpret_cast<SigRl const*>(this->kGrpXSigRl.data()); 353 size_t sig_rl_size = this->kGrpXSigRl.size(); 354 EXPECT_EQ(kEpidNoErr, EpidMemberSetSigRl(member_ctx, sig_rl, sig_rl_size)); 355 // wrong sigrl contains revoked member0 and has lower version 356 SigRl const* wrong_sig_rl = 357 reinterpret_cast<SigRl const*>(this->kGrpXSigRlSingleEntry.data()); 358 size_t wrong_sig_rl_size = this->kGrpXSigRlSingleEntry.size(); 359 EXPECT_EQ(kEpidBadArgErr, 360 EpidMemberSetSigRl(member_ctx, wrong_sig_rl, wrong_sig_rl_size)); 361 auto& msg = this->kMsg0; 362 std::vector<uint8_t> sig_data(EpidGetSigSize(sig_rl)); 363 EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data()); 364 size_t sig_len = sig_data.size() * sizeof(uint8_t); 365 // Check that sigrevoked member is still in SigRl 366 EXPECT_EQ(kEpidSigRevokedInSigRl, EpidSign(member_ctx, msg.data(), msg.size(), 367 nullptr, 0, sig, sig_len)); 368 } 369 TEST_F(EpidMemberTest, SetSigRlWorksGivenValidSigRl) { 370 Prng my_prng; 371 MemberCtxObj member_ctx(this->kGrpXKey, this->kGrpXMember0PrivKey, 372 &Prng::Generate, &my_prng); 373 SigRl const* sig_rl = reinterpret_cast<SigRl const*>(this->kGrpXSigRl.data()); 374 size_t sig_rl_size = this->kGrpXSigRl.size(); 375 EXPECT_EQ(kEpidNoErr, EpidMemberSetSigRl(member_ctx, sig_rl, sig_rl_size)); 376 } 377 TEST_F(EpidMemberTest, SetSigRlWorksGivenEmptySigRl) { 378 Prng my_prng; 379 MemberCtxObj member_ctx(this->kGroupPublicKey, this->kMemberPrivateKey, 380 &Prng::Generate, &my_prng); 381 uint8_t sig_rl_data_n2_zero[] = { 382 // gid 383 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 384 0x00, 0x00, 0x00, 0x01, 385 // version 386 0x00, 0x00, 0x00, 0x00, 387 // n2 388 0x0, 0x00, 0x00, 0x00, 389 // not bk's 390 }; 391 SigRl* sig_rl = reinterpret_cast<SigRl*>(sig_rl_data_n2_zero); 392 size_t sig_rl_size = sizeof(sig_rl_data_n2_zero); 393 EXPECT_EQ(kEpidNoErr, EpidMemberSetSigRl(member_ctx, sig_rl, sig_rl_size)); 394 } 395 TEST_F(EpidMemberTest, SetSigRlWorksGivenSigRlWithOneEntry) { 396 Prng my_prng; 397 MemberCtxObj member_ctx(this->kGrpXKey, this->kGrpXMember0PrivKey, 398 &Prng::Generate, &my_prng); 399 SigRl const* sig_rl = 400 reinterpret_cast<SigRl const*>(this->kGrpXSigRlSingleEntry.data()); 401 size_t sig_rl_size = this->kGrpXSigRlSingleEntry.size(); 402 EXPECT_EQ(kEpidNoErr, EpidMemberSetSigRl(member_ctx, sig_rl, sig_rl_size)); 403 } 404 TEST_F(EpidMemberTest, SetSigRlFailsIfNotProvisioned) { 405 Prng my_prng; 406 MemberCtxObj member_ctx(&Prng::Generate, &my_prng); 407 uint8_t sig_rl_data[] = { 408 // gid 409 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 410 0x00, 0x00, 0x00, 0x01, 411 // version 412 0x00, 0x00, 0x00, 0x00, 413 // n2 414 0x0, 0x00, 0x00, 0x00, 415 // not bk's 416 }; 417 SigRl* sig_rl = reinterpret_cast<SigRl*>(sig_rl_data); 418 size_t sig_rl_size = sizeof(sig_rl_data); 419 EXPECT_EQ(kEpidOutOfSequenceError, 420 EpidMemberSetSigRl(member_ctx, sig_rl, sig_rl_size)); 421 } 422 ////////////////////////////////////////////////////////////////////////// 423 // EpidRegisterBasename 424 TEST_F(EpidMemberTest, RegisterBaseNameFailsGivenNullPtr) { 425 Prng my_prng; 426 MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, 427 this->kMemberPrecomp, &Prng::Generate, &my_prng); 428 std::vector<uint8_t> basename = {'_', 'b', 'a', 's', 'e', 'n', 'a', 'm', 'e'}; 429 EXPECT_EQ(kEpidBadArgErr, 430 EpidRegisterBasename(member, nullptr, basename.size())); 431 EXPECT_EQ(kEpidBadArgErr, 432 EpidRegisterBasename(nullptr, basename.data(), basename.size())); 433 } 434 TEST_F(EpidMemberTest, RegisterBaseNameFailsGivenDuplicateBaseName) { 435 Prng my_prng; 436 MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, 437 this->kMemberPrecomp, &Prng::Generate, &my_prng); 438 std::vector<uint8_t> basename = {'d', 'b', 'a', 's', 'e', 'n', 'a', 'm', 'e'}; 439 EXPECT_EQ(kEpidNoErr, 440 EpidRegisterBasename(member, basename.data(), basename.size())); 441 EXPECT_EQ(kEpidDuplicateErr, 442 EpidRegisterBasename(member, basename.data(), basename.size())); 443 } 444 TEST_F(EpidMemberTest, RegisterBaseNameFailsGivenInvalidBaseName) { 445 Prng my_prng; 446 MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, 447 this->kMemberPrecomp, &Prng::Generate, &my_prng); 448 std::vector<uint8_t> basename = {}; 449 std::vector<uint8_t> basename2 = {'b', 's', 'n'}; 450 EXPECT_EQ(kEpidBadArgErr, 451 EpidRegisterBasename(member, basename.data(), basename.size())); 452 EXPECT_EQ(kEpidBadArgErr, EpidRegisterBasename(member, basename2.data(), 0)); 453 } 454 TEST_F(EpidMemberTest, RegisterBaseNameSucceedsGivenUniqueBaseName) { 455 Prng my_prng; 456 MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, 457 this->kMemberPrecomp, &Prng::Generate, &my_prng); 458 std::vector<uint8_t> basename = {'b', 's', 'n', '0', '1'}; 459 EXPECT_EQ(kEpidNoErr, 460 EpidRegisterBasename(member, basename.data(), basename.size())); 461 } 462 TEST_F(EpidMemberTest, RegisterBaseNameSucceedsGivenMultipleUniqueBaseNames) { 463 Prng my_prng; 464 MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, 465 this->kMemberPrecomp, &Prng::Generate, &my_prng); 466 std::vector<uint8_t> basename1 = {'b', 's', 'n', '0', '1'}; 467 std::vector<uint8_t> basename2 = {'b', 's', 'n', '0', '2'}; 468 std::vector<uint8_t> basename3 = {'b', 's', 'n', '0', '3'}; 469 EXPECT_EQ(kEpidNoErr, 470 EpidRegisterBasename(member, basename1.data(), basename1.size())); 471 EXPECT_EQ(kEpidNoErr, 472 EpidRegisterBasename(member, basename2.data(), basename2.size())); 473 EXPECT_EQ(kEpidNoErr, 474 EpidRegisterBasename(member, basename3.data(), basename3.size())); 475 // Verify that basenames registered succesfully 476 EXPECT_EQ(kEpidDuplicateErr, 477 EpidRegisterBasename(member, basename1.data(), basename1.size())); 478 EXPECT_EQ(kEpidDuplicateErr, 479 EpidRegisterBasename(member, basename2.data(), basename2.size())); 480 EXPECT_EQ(kEpidDuplicateErr, 481 EpidRegisterBasename(member, basename3.data(), basename3.size())); 482 } 483 TEST_F(EpidMemberTest, 484 RegisterBaseNameSucceedsGivenBsnContainingAllPossibleBytes) { 485 Prng my_prng; 486 MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, 487 this->kMemberPrecomp, &Prng::Generate, &my_prng); 488 EXPECT_EQ(kEpidNoErr, EpidRegisterBasename(member, this->kData_0_255.data(), 489 this->kData_0_255.size())); 490 } 491 ////////////////////////////////////////////////////////////////////////// 492 // EpidClearRegisteredBasenames 493 TEST_F(EpidMemberTest, EpidClearRegisteredBasenamesFailsGivenNullPtr) { 494 EXPECT_EQ(kEpidBadArgErr, EpidClearRegisteredBasenames(nullptr)); 495 } 496 TEST_F(EpidMemberTest, EpidClearRegisteredBasenamesClearsBasenames) { 497 Prng my_prng; 498 MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, 499 this->kMemberPrecomp, &Prng::Generate, &my_prng); 500 THROW_ON_EPIDERR( 501 EpidRegisterBasename(member, this->kBsn0.data(), this->kBsn0.size())); 502 EXPECT_EQ(kEpidNoErr, EpidClearRegisteredBasenames(member)); 503 // check, that after clearing EpidRegisterBasename works correctly 504 THROW_ON_EPIDERR( 505 EpidRegisterBasename(member, this->kBsn0.data(), this->kBsn0.size())); 506 } 507 TEST_F(EpidMemberTest, EpidClearRegisteredBasenamesClearsAllBasenames) { 508 Prng my_prng; 509 MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, 510 this->kMemberPrecomp, &Prng::Generate, &my_prng); 511 for (int i = 0; i < 3; ++i) { 512 THROW_ON_EPIDERR(EpidRegisterBasename(member, &i, sizeof(i))); 513 } 514 EXPECT_EQ(kEpidNoErr, EpidClearRegisteredBasenames(member)); 515 for (int i = 0; i < 3; ++i) { 516 THROW_ON_EPIDERR(EpidRegisterBasename(member, &i, sizeof(i))); 517 } 518 } 519 TEST_F(EpidMemberTest, 520 EpidClearRegisteredBasenamesCausesSignWithBasenameAfterItToFail) { 521 Prng my_prng; 522 MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, 523 this->kMemberPrecomp, &Prng::Generate, &my_prng); 524 auto& msg = this->kMsg0; 525 auto& bsn = this->kBsn0; 526 THROW_ON_EPIDERR(EpidRegisterBasename(member, bsn.data(), bsn.size())); 527 std::vector<uint8_t> sig_data(EpidGetSigSize(nullptr)); 528 EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data()); 529 size_t sig_len = sig_data.size() * sizeof(uint8_t); 530 THROW_ON_EPIDERR(EpidSign(member, msg.data(), msg.size(), bsn.data(), 531 bsn.size(), sig, sig_len)); 532 THROW_ON_EPIDERR(EpidClearRegisteredBasenames(member)); 533 ASSERT_EQ(kEpidBadArgErr, EpidSign(member, msg.data(), msg.size(), bsn.data(), 534 bsn.size(), sig, sig_len)); 535 } 536 ////////////////////////////////////////////////////////////////////////// 537 // EpidMemberWritePrecomp 538 TEST_F(EpidMemberTest, MemberWritePrecompFailsGivenNullPointer) { 539 MemberPrecomp precomp; 540 Prng my_prng; 541 MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, 542 this->kMemberPrecomp, &Prng::Generate, &my_prng); 543 MemberCtx* ctx = member; 544 EXPECT_EQ(kEpidBadArgErr, EpidMemberWritePrecomp(nullptr, &precomp)); 545 EXPECT_EQ(kEpidBadArgErr, EpidMemberWritePrecomp(ctx, nullptr)); 546 } 547 TEST_F(EpidMemberTest, 548 MemberWritePrecompSucceedGivenValidArgumentWithLoadedPrecomp) { 549 MemberPrecomp precomp; 550 Prng my_prng; 551 MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, 552 this->kMemberPrecomp, &Prng::Generate, &my_prng); 553 MemberCtx* ctx = member; 554 EXPECT_EQ(kEpidNoErr, EpidMemberWritePrecomp(ctx, &precomp)); 555 MemberPrecomp expected_precomp = this->kMemberPrecomp; 556 EXPECT_EQ(expected_precomp, precomp); 557 } 558 TEST_F(EpidMemberTest, 559 MemberWritePrecompSucceedGivenValidArgumentWithCalcPrecomp) { 560 MemberPrecomp precomp; 561 Prng my_prng; 562 MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, 563 &Prng::Generate, &my_prng); 564 MemberCtx* ctx = member; 565 EXPECT_EQ(kEpidNoErr, EpidMemberWritePrecomp(ctx, &precomp)); 566 MemberPrecomp expected_precomp = this->kMemberPrecomp; 567 EXPECT_EQ(expected_precomp, precomp); 568 } 569 TEST_F(EpidMemberTest, DefaultHashAlgIsSha512) { 570 Prng my_prng; 571 MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, 572 this->kMemberPrecomp, &Prng::Generate, &my_prng); 573 MemberCtx* ctx = member; 574 EXPECT_EQ(kSha512, ctx->hash_alg); 575 } 576 #ifdef TPM_TSS 577 ////////////////////////////////////////////////////////////////////////// 578 // MemberCanLoadMembershipCredentialFromTpm 579 TEST_F(EpidMemberTest, 580 MemberCanLoadPreviouslyProvisionedMembershipCredentialFromTpm) { 581 // Not clear that this test is valid or in the right place. 582 Prng prng; 583 Epid2ParamsObj epid2params; 584 585 uint32_t const nv_index = 0x01c10100; 586 GroupPubKey pub_key_expected = this->kGrpXKey; 587 GroupPubKey pub_key; 588 FpElemStr f = this->kGrpXMember9PrivKey.f; 589 MembershipCredential credential_expected = {this->kGrpXMember9PrivKey.gid, 590 this->kGrpXMember9PrivKey.A, 591 this->kGrpXMember9PrivKey.x}; 592 MembershipCredential credential; 593 // Tpm2CtxObj calls Tpm2CreateContext() and sets 594 // is_context_already_created=true. To call this function in 595 // EpidMemberInit() successfully Tpm2DeleteContext() must be called. 596 // Putting creation of Tpm2CtxObj object in a block solves it 597 { 598 // write credentials 599 Tpm2CtxObj tpm(&Prng::Generate, &prng, nullptr, epid2params); 600 THROW_ON_EPIDERR(EpidNvWriteMembershipCredential( 601 tpm, &pub_key_expected, &credential_expected, nv_index)); 602 603 // read credentials to confirm that credential has been really inserted 604 EXPECT_EQ(kEpidNoErr, EpidNvReadMembershipCredential( 605 tpm, nv_index, &pub_key, &credential)); 606 EXPECT_EQ(pub_key_expected, pub_key); 607 EXPECT_EQ(credential_expected, credential); 608 } 609 610 MemberParams params = {0}; 611 SetMemberParams(&Prng::Generate, &prng, &f, ¶ms); 612 MemberCtxObj member(¶ms); 613 EXPECT_EQ(kEpidNoErr, EpidMemberStartup(member)); 614 EXPECT_EQ(pub_key_expected, ((MemberCtx*)member)->pub_key); 615 EXPECT_EQ(credential_expected, ((MemberCtx*)member)->credential); 616 617 Tpm2NvUndefineSpace(((MemberCtx*)member)->tpm2_ctx, nv_index); 618 } 619 #endif 620 } // namespace 621
