Home | History | Annotate | Download | only in keymaster
      1 /*
      2  * Copyright (C) 2014 The Android Open Source Project
      3  *
      4  * Licensed under the Apache License, Version 2.0 (the "License");
      5  * you may not use this file except in compliance with the License.
      6  * You may obtain a copy of the License at
      7  *
      8  *      http://www.apache.org/licenses/LICENSE-2.0
      9  *
     10  * Unless required by applicable law or agreed to in writing, software
     11  * distributed under the License is distributed on an "AS IS" BASIS,
     12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     13  * See the License for the specific language governing permissions and
     14  * limitations under the License.
     15  */
     16 
     17 #include <string>
     18 #include <fstream>
     19 
     20 #include <gtest/gtest.h>
     21 
     22 #include <openssl/engine.h>
     23 
     24 #include <keymaster/google_keymaster_utils.h>
     25 #include <keymaster/keymaster_tags.h>
     26 
     27 #include "google_keymaster_test_utils.h"
     28 #include "google_softkeymaster.h"
     29 
     30 using std::string;
     31 using std::ifstream;
     32 using std::istreambuf_iterator;
     33 
     34 int main(int argc, char** argv) {
     35     ::testing::InitGoogleTest(&argc, argv);
     36     int result = RUN_ALL_TESTS();
     37     // Clean up stuff OpenSSL leaves around, so Valgrind doesn't complain.
     38     CRYPTO_cleanup_all_ex_data();
     39     ERR_free_strings();
     40     return result;
     41 }
     42 
     43 namespace keymaster {
     44 namespace test {
     45 
     46 class KeymasterTest : public testing::Test {
     47   protected:
     48     KeymasterTest() : device(5, new StdoutLogger) { RAND_seed("foobar", 6); }
     49     ~KeymasterTest() {}
     50 
     51     GoogleSoftKeymaster device;
     52 };
     53 
     54 typedef KeymasterTest CheckSupported;
     55 TEST_F(CheckSupported, SupportedAlgorithms) {
     56     // Shouldn't blow up on NULL.
     57     device.SupportedAlgorithms(NULL);
     58 
     59     SupportedResponse<keymaster_algorithm_t> response;
     60     device.SupportedAlgorithms(&response);
     61     EXPECT_EQ(KM_ERROR_OK, response.error);
     62     EXPECT_EQ(3U, response.results_length);
     63     EXPECT_EQ(KM_ALGORITHM_RSA, response.results[0]);
     64     EXPECT_EQ(KM_ALGORITHM_DSA, response.results[1]);
     65     EXPECT_EQ(KM_ALGORITHM_ECDSA, response.results[2]);
     66 }
     67 
     68 TEST_F(CheckSupported, SupportedBlockModes) {
     69     // Shouldn't blow up on NULL.
     70     device.SupportedBlockModes(KM_ALGORITHM_RSA, NULL);
     71 
     72     SupportedResponse<keymaster_block_mode_t> response;
     73     device.SupportedBlockModes(KM_ALGORITHM_RSA, &response);
     74     EXPECT_EQ(KM_ERROR_OK, response.error);
     75     EXPECT_EQ(0U, response.results_length);
     76 
     77     device.SupportedBlockModes(KM_ALGORITHM_DSA, &response);
     78     EXPECT_EQ(KM_ERROR_OK, response.error);
     79     EXPECT_EQ(0U, response.results_length);
     80 
     81     device.SupportedBlockModes(KM_ALGORITHM_ECDSA, &response);
     82     EXPECT_EQ(KM_ERROR_OK, response.error);
     83     EXPECT_EQ(0U, response.results_length);
     84 
     85     device.SupportedBlockModes(KM_ALGORITHM_AES, &response);
     86     EXPECT_EQ(KM_ERROR_UNSUPPORTED_ALGORITHM, response.error);
     87 }
     88 
     89 TEST_F(CheckSupported, SupportedPaddingModes) {
     90     // Shouldn't blow up on NULL.
     91     device.SupportedPaddingModes(KM_ALGORITHM_RSA, NULL);
     92 
     93     SupportedResponse<keymaster_padding_t> response;
     94     device.SupportedPaddingModes(KM_ALGORITHM_RSA, &response);
     95     EXPECT_EQ(KM_ERROR_OK, response.error);
     96     EXPECT_EQ(1U, response.results_length);
     97     EXPECT_EQ(KM_PAD_NONE, response.results[0]);
     98 
     99     device.SupportedPaddingModes(KM_ALGORITHM_DSA, &response);
    100     EXPECT_EQ(KM_ERROR_OK, response.error);
    101     EXPECT_EQ(1U, response.results_length);
    102     EXPECT_EQ(KM_PAD_NONE, response.results[0]);
    103 
    104     device.SupportedPaddingModes(KM_ALGORITHM_ECDSA, &response);
    105     EXPECT_EQ(KM_ERROR_OK, response.error);
    106     EXPECT_EQ(1U, response.results_length);
    107     EXPECT_EQ(KM_PAD_NONE, response.results[0]);
    108 
    109     device.SupportedPaddingModes(KM_ALGORITHM_AES, &response);
    110     EXPECT_EQ(KM_ERROR_UNSUPPORTED_ALGORITHM, response.error);
    111 }
    112 
    113 TEST_F(CheckSupported, SupportedDigests) {
    114     // Shouldn't blow up on NULL.
    115     device.SupportedDigests(KM_ALGORITHM_RSA, NULL);
    116 
    117     SupportedResponse<keymaster_digest_t> response;
    118     device.SupportedDigests(KM_ALGORITHM_RSA, &response);
    119     EXPECT_EQ(KM_ERROR_OK, response.error);
    120     EXPECT_EQ(1U, response.results_length);
    121     EXPECT_EQ(KM_DIGEST_NONE, response.results[0]);
    122 
    123     device.SupportedDigests(KM_ALGORITHM_DSA, &response);
    124     EXPECT_EQ(KM_ERROR_OK, response.error);
    125     EXPECT_EQ(1U, response.results_length);
    126     EXPECT_EQ(KM_DIGEST_NONE, response.results[0]);
    127 
    128     device.SupportedDigests(KM_ALGORITHM_ECDSA, &response);
    129     EXPECT_EQ(KM_ERROR_OK, response.error);
    130     EXPECT_EQ(1U, response.results_length);
    131     EXPECT_EQ(KM_DIGEST_NONE, response.results[0]);
    132 
    133     device.SupportedDigests(KM_ALGORITHM_AES, &response);
    134     EXPECT_EQ(KM_ERROR_UNSUPPORTED_ALGORITHM, response.error);
    135 }
    136 
    137 TEST_F(CheckSupported, SupportedImportFormats) {
    138     // Shouldn't blow up on NULL.
    139     device.SupportedImportFormats(KM_ALGORITHM_RSA, NULL);
    140 
    141     SupportedResponse<keymaster_key_format_t> response;
    142     device.SupportedImportFormats(KM_ALGORITHM_RSA, &response);
    143     EXPECT_EQ(KM_ERROR_OK, response.error);
    144     EXPECT_EQ(1U, response.results_length);
    145     EXPECT_EQ(KM_KEY_FORMAT_PKCS8, response.results[0]);
    146 
    147     device.SupportedImportFormats(KM_ALGORITHM_DSA, &response);
    148     EXPECT_EQ(KM_ERROR_OK, response.error);
    149     EXPECT_EQ(1U, response.results_length);
    150     EXPECT_EQ(KM_KEY_FORMAT_PKCS8, response.results[0]);
    151 
    152     device.SupportedImportFormats(KM_ALGORITHM_ECDSA, &response);
    153     EXPECT_EQ(KM_ERROR_OK, response.error);
    154     EXPECT_EQ(1U, response.results_length);
    155     EXPECT_EQ(KM_KEY_FORMAT_PKCS8, response.results[0]);
    156 
    157     device.SupportedImportFormats(KM_ALGORITHM_AES, &response);
    158     EXPECT_EQ(KM_ERROR_UNSUPPORTED_ALGORITHM, response.error);
    159 }
    160 
    161 TEST_F(CheckSupported, SupportedExportFormats) {
    162     // Shouldn't blow up on NULL.
    163     device.SupportedExportFormats(KM_ALGORITHM_RSA, NULL);
    164 
    165     SupportedResponse<keymaster_key_format_t> response;
    166     device.SupportedExportFormats(KM_ALGORITHM_RSA, &response);
    167     EXPECT_EQ(KM_ERROR_OK, response.error);
    168     EXPECT_EQ(1U, response.results_length);
    169     EXPECT_EQ(KM_KEY_FORMAT_X509, response.results[0]);
    170 
    171     device.SupportedExportFormats(KM_ALGORITHM_DSA, &response);
    172     EXPECT_EQ(KM_ERROR_OK, response.error);
    173     EXPECT_EQ(1U, response.results_length);
    174     EXPECT_EQ(KM_KEY_FORMAT_X509, response.results[0]);
    175 
    176     device.SupportedExportFormats(KM_ALGORITHM_ECDSA, &response);
    177     EXPECT_EQ(KM_ERROR_OK, response.error);
    178     EXPECT_EQ(1U, response.results_length);
    179     EXPECT_EQ(KM_KEY_FORMAT_X509, response.results[0]);
    180 
    181     device.SupportedExportFormats(KM_ALGORITHM_AES, &response);
    182     EXPECT_EQ(KM_ERROR_UNSUPPORTED_ALGORITHM, response.error);
    183 }
    184 
    185 typedef KeymasterTest NewKeyGeneration;
    186 TEST_F(NewKeyGeneration, Rsa) {
    187     keymaster_key_param_t params[] = {
    188         Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
    189         Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
    190         Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
    191         Authorization(TAG_KEY_SIZE, 256),
    192         Authorization(TAG_USER_ID, 7),
    193         Authorization(TAG_USER_AUTH_ID, 8),
    194         Authorization(TAG_APPLICATION_ID, "app_id", 6),
    195         Authorization(TAG_APPLICATION_DATA, "app_data", 8),
    196         Authorization(TAG_AUTH_TIMEOUT, 300),
    197     };
    198     GenerateKeyRequest req;
    199     req.key_description.Reinitialize(params, array_length(params));
    200     GenerateKeyResponse rsp;
    201 
    202     device.GenerateKey(req, &rsp);
    203 
    204     ASSERT_EQ(KM_ERROR_OK, rsp.error);
    205     EXPECT_EQ(0U, rsp.enforced.size());
    206     EXPECT_EQ(12U, rsp.enforced.SerializedSize());
    207     EXPECT_GT(rsp.unenforced.SerializedSize(), 12U);
    208 
    209     // Check specified tags are all present in unenforced characteristics
    210     EXPECT_TRUE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_SIGN));
    211     EXPECT_TRUE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_VERIFY));
    212 
    213     EXPECT_TRUE(contains(rsp.unenforced, TAG_ALGORITHM, KM_ALGORITHM_RSA));
    214 
    215     EXPECT_TRUE(contains(rsp.unenforced, TAG_USER_ID, 7));
    216     EXPECT_TRUE(contains(rsp.unenforced, TAG_USER_AUTH_ID, 8));
    217     EXPECT_TRUE(contains(rsp.unenforced, TAG_KEY_SIZE, 256));
    218     EXPECT_TRUE(contains(rsp.unenforced, TAG_AUTH_TIMEOUT, 300));
    219 
    220     // Verify that App ID, App data and ROT are NOT included.
    221     EXPECT_FALSE(contains(rsp.unenforced, TAG_ROOT_OF_TRUST));
    222     EXPECT_FALSE(contains(rsp.unenforced, TAG_APPLICATION_ID));
    223     EXPECT_FALSE(contains(rsp.unenforced, TAG_APPLICATION_DATA));
    224 
    225     // Just for giggles, check that some unexpected tags/values are NOT present.
    226     EXPECT_FALSE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_ENCRYPT));
    227     EXPECT_FALSE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_DECRYPT));
    228     EXPECT_FALSE(contains(rsp.unenforced, TAG_AUTH_TIMEOUT, 301));
    229     EXPECT_FALSE(contains(rsp.unenforced, TAG_RESCOPE_AUTH_TIMEOUT));
    230 
    231     // Now check that unspecified, defaulted tags are correct.
    232     EXPECT_TRUE(contains(rsp.unenforced, TAG_RSA_PUBLIC_EXPONENT, 65537));
    233     EXPECT_TRUE(contains(rsp.unenforced, TAG_ORIGIN, KM_ORIGIN_SOFTWARE));
    234     EXPECT_TRUE(contains(rsp.unenforced, KM_TAG_CREATION_DATETIME));
    235 }
    236 
    237 TEST_F(NewKeyGeneration, Dsa) {
    238     keymaster_key_param_t params[] = {
    239         Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
    240         Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
    241         Authorization(TAG_ALGORITHM, KM_ALGORITHM_DSA),
    242         Authorization(TAG_KEY_SIZE, 256),
    243         Authorization(TAG_USER_ID, 7),
    244         Authorization(TAG_USER_AUTH_ID, 8),
    245         Authorization(TAG_APPLICATION_ID, "app_id", 6),
    246         Authorization(TAG_APPLICATION_DATA, "app_data", 8),
    247         Authorization(TAG_AUTH_TIMEOUT, 300),
    248     };
    249     GenerateKeyRequest req;
    250     req.key_description.Reinitialize(params, array_length(params));
    251     GenerateKeyResponse rsp;
    252 
    253     device.GenerateKey(req, &rsp);
    254 
    255     ASSERT_EQ(KM_ERROR_OK, rsp.error);
    256     EXPECT_EQ(0U, rsp.enforced.size());
    257     EXPECT_EQ(12U, rsp.enforced.SerializedSize());
    258     EXPECT_GT(rsp.unenforced.SerializedSize(), 12U);
    259 
    260     // Check specified tags are all present in unenforced characteristics
    261     EXPECT_TRUE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_SIGN));
    262     EXPECT_TRUE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_VERIFY));
    263 
    264     EXPECT_TRUE(contains(rsp.unenforced, TAG_ALGORITHM, KM_ALGORITHM_DSA));
    265 
    266     EXPECT_TRUE(contains(rsp.unenforced, TAG_USER_ID, 7));
    267     EXPECT_TRUE(contains(rsp.unenforced, TAG_USER_AUTH_ID, 8));
    268     EXPECT_TRUE(contains(rsp.unenforced, TAG_KEY_SIZE, 256));
    269     EXPECT_TRUE(contains(rsp.unenforced, TAG_AUTH_TIMEOUT, 300));
    270 
    271     // Verify that App ID, App data and ROT are NOT included.
    272     EXPECT_FALSE(contains(rsp.unenforced, TAG_ROOT_OF_TRUST));
    273     EXPECT_FALSE(contains(rsp.unenforced, TAG_APPLICATION_ID));
    274     EXPECT_FALSE(contains(rsp.unenforced, TAG_APPLICATION_DATA));
    275 
    276     // Just for giggles, check that some unexpected tags/values are NOT present.
    277     EXPECT_FALSE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_ENCRYPT));
    278     EXPECT_FALSE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_DECRYPT));
    279     EXPECT_FALSE(contains(rsp.unenforced, TAG_AUTH_TIMEOUT, 301));
    280     EXPECT_FALSE(contains(rsp.unenforced, TAG_RESCOPE_AUTH_TIMEOUT));
    281 
    282     // Now check that unspecified, defaulted tags are correct.
    283     EXPECT_TRUE(contains(rsp.unenforced, TAG_ORIGIN, KM_ORIGIN_SOFTWARE));
    284     EXPECT_TRUE(contains(rsp.unenforced, KM_TAG_CREATION_DATETIME));
    285 
    286     // Generator should have created DSA params.
    287     keymaster_blob_t g, p, q;
    288     EXPECT_TRUE(rsp.unenforced.GetTagValue(TAG_DSA_GENERATOR, &g));
    289     EXPECT_TRUE(rsp.unenforced.GetTagValue(TAG_DSA_P, &p));
    290     EXPECT_TRUE(rsp.unenforced.GetTagValue(TAG_DSA_Q, &q));
    291     EXPECT_TRUE(g.data_length >= 63 && g.data_length <= 64);
    292     EXPECT_EQ(64U, p.data_length);
    293     EXPECT_EQ(20U, q.data_length);
    294 }
    295 
    296 TEST_F(NewKeyGeneration, Ecdsa) {
    297     keymaster_key_param_t params[] = {
    298         Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
    299         Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
    300         Authorization(TAG_ALGORITHM, KM_ALGORITHM_ECDSA),
    301         Authorization(TAG_KEY_SIZE, 256),
    302         Authorization(TAG_USER_ID, 7),
    303         Authorization(TAG_USER_AUTH_ID, 8),
    304         Authorization(TAG_APPLICATION_ID, "app_id", 6),
    305         Authorization(TAG_APPLICATION_DATA, "app_data", 8),
    306         Authorization(TAG_AUTH_TIMEOUT, 300),
    307     };
    308     GenerateKeyRequest req;
    309     req.key_description.Reinitialize(params, array_length(params));
    310     GenerateKeyResponse rsp;
    311 
    312     device.GenerateKey(req, &rsp);
    313 
    314     ASSERT_EQ(KM_ERROR_OK, rsp.error);
    315     EXPECT_EQ(0U, rsp.enforced.size());
    316     EXPECT_EQ(12U, rsp.enforced.SerializedSize());
    317     EXPECT_GT(rsp.unenforced.SerializedSize(), 12U);
    318 
    319     // Check specified tags are all present in unenforced characteristics
    320     EXPECT_TRUE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_SIGN));
    321     EXPECT_TRUE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_VERIFY));
    322 
    323     EXPECT_TRUE(contains(rsp.unenforced, TAG_ALGORITHM, KM_ALGORITHM_ECDSA));
    324 
    325     EXPECT_TRUE(contains(rsp.unenforced, TAG_USER_ID, 7));
    326     EXPECT_TRUE(contains(rsp.unenforced, TAG_USER_AUTH_ID, 8));
    327     EXPECT_TRUE(contains(rsp.unenforced, TAG_KEY_SIZE, 256));
    328     EXPECT_TRUE(contains(rsp.unenforced, TAG_AUTH_TIMEOUT, 300));
    329 
    330     // Verify that App ID, App data and ROT are NOT included.
    331     EXPECT_FALSE(contains(rsp.unenforced, TAG_ROOT_OF_TRUST));
    332     EXPECT_FALSE(contains(rsp.unenforced, TAG_APPLICATION_ID));
    333     EXPECT_FALSE(contains(rsp.unenforced, TAG_APPLICATION_DATA));
    334 
    335     // Just for giggles, check that some unexpected tags/values are NOT present.
    336     EXPECT_FALSE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_ENCRYPT));
    337     EXPECT_FALSE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_DECRYPT));
    338     EXPECT_FALSE(contains(rsp.unenforced, TAG_AUTH_TIMEOUT, 301));
    339     EXPECT_FALSE(contains(rsp.unenforced, TAG_RESCOPE_AUTH_TIMEOUT));
    340 
    341     // Now check that unspecified, defaulted tags are correct.
    342     EXPECT_TRUE(contains(rsp.unenforced, TAG_ORIGIN, KM_ORIGIN_SOFTWARE));
    343     EXPECT_TRUE(contains(rsp.unenforced, KM_TAG_CREATION_DATETIME));
    344 }
    345 
    346 typedef KeymasterTest GetKeyCharacteristics;
    347 TEST_F(GetKeyCharacteristics, SimpleRsa) {
    348     keymaster_key_param_t params[] = {
    349         Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
    350         Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
    351         Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
    352         Authorization(TAG_KEY_SIZE, 256),
    353         Authorization(TAG_USER_ID, 7),
    354         Authorization(TAG_USER_AUTH_ID, 8),
    355         Authorization(TAG_APPLICATION_ID, "app_id", 6),
    356         Authorization(TAG_AUTH_TIMEOUT, 300),
    357     };
    358 
    359     GenerateKeyRequest gen_req;
    360     gen_req.key_description.Reinitialize(params, array_length(params));
    361     GenerateKeyResponse gen_rsp;
    362 
    363     device.GenerateKey(gen_req, &gen_rsp);
    364     ASSERT_EQ(KM_ERROR_OK, gen_rsp.error);
    365 
    366     GetKeyCharacteristicsRequest req;
    367     req.SetKeyMaterial(gen_rsp.key_blob);
    368     req.additional_params.push_back(TAG_APPLICATION_ID, "app_id", 6);
    369 
    370     GetKeyCharacteristicsResponse rsp;
    371     device.GetKeyCharacteristics(req, &rsp);
    372     ASSERT_EQ(KM_ERROR_OK, rsp.error);
    373 
    374     EXPECT_EQ(gen_rsp.enforced, rsp.enforced);
    375     EXPECT_EQ(gen_rsp.unenforced, rsp.unenforced);
    376 }
    377 
    378 /**
    379  * Test class that provides some infrastructure for generating keys and signing messages.
    380  */
    381 class SigningOperationsTest : public KeymasterTest {
    382   protected:
    383     void GenerateKey(keymaster_algorithm_t algorithm, keymaster_digest_t digest,
    384                      keymaster_padding_t padding, uint32_t key_size) {
    385         keymaster_key_param_t params[] = {
    386             Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
    387             Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
    388             Authorization(TAG_ALGORITHM, algorithm),
    389             Authorization(TAG_KEY_SIZE, key_size),
    390             Authorization(TAG_USER_ID, 7),
    391             Authorization(TAG_USER_AUTH_ID, 8),
    392             Authorization(TAG_APPLICATION_ID, "app_id", 6),
    393             Authorization(TAG_AUTH_TIMEOUT, 300),
    394         };
    395         GenerateKeyRequest generate_request;
    396         generate_request.key_description.Reinitialize(params, array_length(params));
    397         if (static_cast<int>(digest) != -1)
    398             generate_request.key_description.push_back(TAG_DIGEST, digest);
    399         if (static_cast<int>(padding) != -1)
    400             generate_request.key_description.push_back(TAG_PADDING, padding);
    401         device.GenerateKey(generate_request, &generate_response_);
    402         EXPECT_EQ(KM_ERROR_OK, generate_response_.error);
    403     }
    404 
    405     void SignMessage(const void* message, size_t size) {
    406         SignMessage(generate_response_.key_blob, message, size);
    407     }
    408 
    409     void SignMessage(const keymaster_key_blob_t& key_blob, const void* message, size_t size) {
    410         BeginOperationRequest begin_request;
    411         BeginOperationResponse begin_response;
    412         begin_request.SetKeyMaterial(key_blob);
    413         begin_request.purpose = KM_PURPOSE_SIGN;
    414         AddClientParams(&begin_request.additional_params);
    415 
    416         device.BeginOperation(begin_request, &begin_response);
    417         ASSERT_EQ(KM_ERROR_OK, begin_response.error);
    418 
    419         UpdateOperationRequest update_request;
    420         UpdateOperationResponse update_response;
    421         update_request.op_handle = begin_response.op_handle;
    422         update_request.input.Reinitialize(message, size);
    423         EXPECT_EQ(size, update_request.input.available_read());
    424 
    425         device.UpdateOperation(update_request, &update_response);
    426         ASSERT_EQ(KM_ERROR_OK, update_response.error);
    427         EXPECT_EQ(0U, update_response.output.available_read());
    428 
    429         FinishOperationRequest finish_request;
    430         finish_request.op_handle = begin_response.op_handle;
    431         device.FinishOperation(finish_request, &finish_response_);
    432         ASSERT_EQ(KM_ERROR_OK, finish_response_.error);
    433         EXPECT_GT(finish_response_.output.available_read(), 0U);
    434     }
    435 
    436     void AddClientParams(AuthorizationSet* set) { set->push_back(TAG_APPLICATION_ID, "app_id", 6); }
    437 
    438     const keymaster_key_blob_t& key_blob() { return generate_response_.key_blob; }
    439 
    440     const keymaster_key_blob_t& corrupt_key_blob() {
    441         uint8_t* tmp = const_cast<uint8_t*>(generate_response_.key_blob.key_material);
    442         ++tmp[generate_response_.key_blob.key_material_size / 2];
    443         return generate_response_.key_blob;
    444     }
    445 
    446     Buffer* signature() {
    447         if (finish_response_.error == KM_ERROR_OK)
    448             return &finish_response_.output;
    449         return NULL;
    450     }
    451 
    452   private:
    453     GenerateKeyResponse generate_response_;
    454     FinishOperationResponse finish_response_;
    455 };
    456 
    457 TEST_F(SigningOperationsTest, RsaSuccess) {
    458     GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
    459     const char message[] = "12345678901234567890123456789012";
    460 
    461     BeginOperationRequest begin_request;
    462     BeginOperationResponse begin_response;
    463     begin_request.SetKeyMaterial(key_blob());
    464     begin_request.purpose = KM_PURPOSE_SIGN;
    465     AddClientParams(&begin_request.additional_params);
    466 
    467     device.BeginOperation(begin_request, &begin_response);
    468     ASSERT_EQ(KM_ERROR_OK, begin_response.error);
    469 
    470     UpdateOperationRequest update_request;
    471     UpdateOperationResponse update_response;
    472     update_request.op_handle = begin_response.op_handle;
    473     update_request.input.Reinitialize(message, array_size(message) - 1);
    474     EXPECT_EQ(array_size(message) - 1, update_request.input.available_read());
    475 
    476     device.UpdateOperation(update_request, &update_response);
    477     ASSERT_EQ(KM_ERROR_OK, update_response.error);
    478     EXPECT_EQ(0U, update_response.output.available_read());
    479 
    480     FinishOperationRequest finish_request;
    481     finish_request.op_handle = begin_response.op_handle;
    482     FinishOperationResponse finish_response;
    483     device.FinishOperation(finish_request, &finish_response);
    484     ASSERT_EQ(KM_ERROR_OK, finish_response.error);
    485     EXPECT_GT(finish_response.output.available_read(), 0U);
    486 
    487     EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
    488 }
    489 
    490 TEST_F(SigningOperationsTest, DsaSuccess) {
    491     GenerateKey(KM_ALGORITHM_DSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
    492 
    493     BeginOperationRequest begin_request;
    494     BeginOperationResponse begin_response;
    495     begin_request.SetKeyMaterial(key_blob());
    496     begin_request.purpose = KM_PURPOSE_SIGN;
    497     AddClientParams(&begin_request.additional_params);
    498 
    499     device.BeginOperation(begin_request, &begin_response);
    500     ASSERT_EQ(KM_ERROR_OK, begin_response.error);
    501 
    502     UpdateOperationRequest update_request;
    503     UpdateOperationResponse update_response;
    504     update_request.op_handle = begin_response.op_handle;
    505     update_request.input.Reinitialize("123456789012345678901234567890123456789012345678", 48);
    506     EXPECT_EQ(48U, update_request.input.available_read());
    507 
    508     device.UpdateOperation(update_request, &update_response);
    509     ASSERT_EQ(KM_ERROR_OK, update_response.error);
    510     EXPECT_EQ(0U, update_response.output.available_read());
    511 
    512     FinishOperationRequest finish_request;
    513     finish_request.op_handle = begin_response.op_handle;
    514     FinishOperationResponse finish_response;
    515     device.FinishOperation(finish_request, &finish_response);
    516     ASSERT_EQ(KM_ERROR_OK, finish_response.error);
    517     EXPECT_GT(finish_response.output.available_read(), 0U);
    518 
    519     EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
    520 }
    521 
    522 TEST_F(SigningOperationsTest, EcdsaSuccess) {
    523     GenerateKey(KM_ALGORITHM_ECDSA, KM_DIGEST_NONE, KM_PAD_NONE, 192 /* key size */);
    524 
    525     BeginOperationRequest begin_request;
    526     BeginOperationResponse begin_response;
    527     begin_request.SetKeyMaterial(key_blob());
    528     begin_request.purpose = KM_PURPOSE_SIGN;
    529     AddClientParams(&begin_request.additional_params);
    530 
    531     device.BeginOperation(begin_request, &begin_response);
    532     ASSERT_EQ(KM_ERROR_OK, begin_response.error);
    533 
    534     UpdateOperationRequest update_request;
    535     UpdateOperationResponse update_response;
    536     update_request.op_handle = begin_response.op_handle;
    537     update_request.input.Reinitialize("123456789012345678901234567890123456789012345678", 48);
    538     EXPECT_EQ(48U, update_request.input.available_read());
    539 
    540     device.UpdateOperation(update_request, &update_response);
    541     ASSERT_EQ(KM_ERROR_OK, update_response.error);
    542     EXPECT_EQ(0U, update_response.output.available_read());
    543 
    544     FinishOperationRequest finish_request;
    545     finish_request.op_handle = begin_response.op_handle;
    546     FinishOperationResponse finish_response;
    547     device.FinishOperation(finish_request, &finish_response);
    548     ASSERT_EQ(KM_ERROR_OK, finish_response.error);
    549     EXPECT_GT(finish_response.output.available_read(), 0U);
    550 
    551     EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
    552 }
    553 
    554 TEST_F(SigningOperationsTest, RsaAbort) {
    555     GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
    556 
    557     BeginOperationRequest begin_request;
    558     BeginOperationResponse begin_response;
    559     begin_request.SetKeyMaterial(key_blob());
    560     begin_request.purpose = KM_PURPOSE_SIGN;
    561     AddClientParams(&begin_request.additional_params);
    562 
    563     device.BeginOperation(begin_request, &begin_response);
    564     ASSERT_EQ(KM_ERROR_OK, begin_response.error);
    565 
    566     EXPECT_EQ(KM_ERROR_OK, device.AbortOperation(begin_response.op_handle));
    567 
    568     // Another abort should fail
    569     EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
    570 }
    571 
    572 TEST_F(SigningOperationsTest, RsaUnsupportedDigest) {
    573     GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_SHA_2_256, KM_PAD_NONE, 256 /* key size */);
    574 
    575     BeginOperationRequest begin_request;
    576     BeginOperationResponse begin_response;
    577     begin_request.purpose = KM_PURPOSE_SIGN;
    578     begin_request.SetKeyMaterial(key_blob());
    579     AddClientParams(&begin_request.additional_params);
    580 
    581     device.BeginOperation(begin_request, &begin_response);
    582     ASSERT_EQ(KM_ERROR_UNSUPPORTED_DIGEST, begin_response.error);
    583 
    584     EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
    585 }
    586 
    587 TEST_F(SigningOperationsTest, RsaUnsupportedPadding) {
    588     GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_RSA_OAEP, 256 /* key size */);
    589 
    590     BeginOperationRequest begin_request;
    591     BeginOperationResponse begin_response;
    592     begin_request.purpose = KM_PURPOSE_SIGN;
    593     begin_request.SetKeyMaterial(key_blob());
    594     AddClientParams(&begin_request.additional_params);
    595 
    596     device.BeginOperation(begin_request, &begin_response);
    597     ASSERT_EQ(KM_ERROR_UNSUPPORTED_PADDING_MODE, begin_response.error);
    598 
    599     EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
    600 }
    601 
    602 TEST_F(SigningOperationsTest, RsaNoDigest) {
    603     GenerateKey(KM_ALGORITHM_RSA, static_cast<keymaster_digest_t>(-1), KM_PAD_NONE,
    604                 256 /* key size */);
    605 
    606     BeginOperationRequest begin_request;
    607     BeginOperationResponse begin_response;
    608     begin_request.purpose = KM_PURPOSE_SIGN;
    609     begin_request.SetKeyMaterial(key_blob());
    610     AddClientParams(&begin_request.additional_params);
    611 
    612     device.BeginOperation(begin_request, &begin_response);
    613     ASSERT_EQ(KM_ERROR_UNSUPPORTED_DIGEST, begin_response.error);
    614 
    615     EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
    616 }
    617 
    618 TEST_F(SigningOperationsTest, RsaNoPadding) {
    619     GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, static_cast<keymaster_padding_t>(-1),
    620                 256 /* key size */);
    621 
    622     BeginOperationRequest begin_request;
    623     BeginOperationResponse begin_response;
    624     begin_request.purpose = KM_PURPOSE_SIGN;
    625     begin_request.SetKeyMaterial(key_blob());
    626     AddClientParams(&begin_request.additional_params);
    627 
    628     device.BeginOperation(begin_request, &begin_response);
    629     ASSERT_EQ(KM_ERROR_UNSUPPORTED_PADDING_MODE, begin_response.error);
    630 
    631     EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
    632 }
    633 
    634 TEST_F(SigningOperationsTest, RsaTooShortMessage) {
    635     GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
    636 
    637     BeginOperationRequest begin_request;
    638     BeginOperationResponse begin_response;
    639     begin_request.SetKeyMaterial(key_blob());
    640     begin_request.purpose = KM_PURPOSE_SIGN;
    641     AddClientParams(&begin_request.additional_params);
    642 
    643     device.BeginOperation(begin_request, &begin_response);
    644     ASSERT_EQ(KM_ERROR_OK, begin_response.error);
    645 
    646     UpdateOperationRequest update_request;
    647     UpdateOperationResponse update_response;
    648     update_request.op_handle = begin_response.op_handle;
    649     update_request.input.Reinitialize("01234567890123456789012345678901", 31);
    650     EXPECT_EQ(31U, update_request.input.available_read());
    651 
    652     device.UpdateOperation(update_request, &update_response);
    653     ASSERT_EQ(KM_ERROR_OK, update_response.error);
    654     EXPECT_EQ(0U, update_response.output.available_read());
    655 
    656     FinishOperationRequest finish_request;
    657     finish_request.op_handle = begin_response.op_handle;
    658     FinishOperationResponse finish_response;
    659     device.FinishOperation(finish_request, &finish_response);
    660     ASSERT_EQ(KM_ERROR_UNKNOWN_ERROR, finish_response.error);
    661     EXPECT_EQ(0U, finish_response.output.available_read());
    662 
    663     EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
    664 }
    665 
    666 typedef SigningOperationsTest VerificationOperationsTest;
    667 TEST_F(VerificationOperationsTest, RsaSuccess) {
    668     GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
    669     const char message[] = "12345678901234567890123456789012";
    670     SignMessage(message, array_size(message) - 1);
    671     ASSERT_TRUE(signature() != NULL);
    672 
    673     BeginOperationRequest begin_request;
    674     BeginOperationResponse begin_response;
    675     begin_request.SetKeyMaterial(key_blob());
    676     begin_request.purpose = KM_PURPOSE_VERIFY;
    677     AddClientParams(&begin_request.additional_params);
    678 
    679     device.BeginOperation(begin_request, &begin_response);
    680     ASSERT_EQ(KM_ERROR_OK, begin_response.error);
    681 
    682     UpdateOperationRequest update_request;
    683     UpdateOperationResponse update_response;
    684     update_request.op_handle = begin_response.op_handle;
    685     update_request.input.Reinitialize(message, array_size(message) - 1);
    686     EXPECT_EQ(array_size(message) - 1, update_request.input.available_read());
    687 
    688     device.UpdateOperation(update_request, &update_response);
    689     ASSERT_EQ(KM_ERROR_OK, update_response.error);
    690     EXPECT_EQ(0U, update_response.output.available_read());
    691 
    692     FinishOperationRequest finish_request;
    693     finish_request.op_handle = begin_response.op_handle;
    694     finish_request.signature.Reinitialize(*signature());
    695     FinishOperationResponse finish_response;
    696     device.FinishOperation(finish_request, &finish_response);
    697     ASSERT_EQ(KM_ERROR_OK, finish_response.error);
    698     EXPECT_EQ(0U, finish_response.output.available_read());
    699 
    700     EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
    701 }
    702 
    703 TEST_F(VerificationOperationsTest, DsaSuccess) {
    704     GenerateKey(KM_ALGORITHM_DSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
    705     const char message[] = "123456789012345678901234567890123456789012345678";
    706     SignMessage(message, array_size(message) - 1);
    707     ASSERT_TRUE(signature() != NULL);
    708 
    709     BeginOperationRequest begin_request;
    710     BeginOperationResponse begin_response;
    711     begin_request.SetKeyMaterial(key_blob());
    712     begin_request.purpose = KM_PURPOSE_VERIFY;
    713     AddClientParams(&begin_request.additional_params);
    714 
    715     device.BeginOperation(begin_request, &begin_response);
    716     ASSERT_EQ(KM_ERROR_OK, begin_response.error);
    717 
    718     UpdateOperationRequest update_request;
    719     UpdateOperationResponse update_response;
    720     update_request.op_handle = begin_response.op_handle;
    721     update_request.input.Reinitialize(message, array_size(message) - 1);
    722     EXPECT_EQ(array_size(message) - 1, update_request.input.available_read());
    723 
    724     device.UpdateOperation(update_request, &update_response);
    725     ASSERT_EQ(KM_ERROR_OK, update_response.error);
    726     EXPECT_EQ(0U, update_response.output.available_read());
    727 
    728     FinishOperationRequest finish_request;
    729     finish_request.op_handle = begin_response.op_handle;
    730     finish_request.signature.Reinitialize(*signature());
    731     FinishOperationResponse finish_response;
    732     device.FinishOperation(finish_request, &finish_response);
    733     ASSERT_EQ(KM_ERROR_OK, finish_response.error);
    734     EXPECT_EQ(0U, finish_response.output.available_read());
    735 
    736     EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
    737 }
    738 
    739 TEST_F(VerificationOperationsTest, EcdsaSuccess) {
    740     GenerateKey(KM_ALGORITHM_ECDSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
    741     const char message[] = "123456789012345678901234567890123456789012345678";
    742     SignMessage(message, array_size(message) - 1);
    743     ASSERT_TRUE(signature() != NULL);
    744 
    745     BeginOperationRequest begin_request;
    746     BeginOperationResponse begin_response;
    747     begin_request.SetKeyMaterial(key_blob());
    748     begin_request.purpose = KM_PURPOSE_VERIFY;
    749     AddClientParams(&begin_request.additional_params);
    750 
    751     device.BeginOperation(begin_request, &begin_response);
    752     ASSERT_EQ(KM_ERROR_OK, begin_response.error);
    753 
    754     UpdateOperationRequest update_request;
    755     UpdateOperationResponse update_response;
    756     update_request.op_handle = begin_response.op_handle;
    757     update_request.input.Reinitialize(message, array_size(message) - 1);
    758     EXPECT_EQ(array_size(message) - 1, update_request.input.available_read());
    759 
    760     device.UpdateOperation(update_request, &update_response);
    761     ASSERT_EQ(KM_ERROR_OK, update_response.error);
    762     EXPECT_EQ(0U, update_response.output.available_read());
    763 
    764     FinishOperationRequest finish_request;
    765     finish_request.op_handle = begin_response.op_handle;
    766     finish_request.signature.Reinitialize(*signature());
    767     FinishOperationResponse finish_response;
    768     device.FinishOperation(finish_request, &finish_response);
    769     ASSERT_EQ(KM_ERROR_OK, finish_response.error);
    770     EXPECT_EQ(0U, finish_response.output.available_read());
    771 
    772     EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
    773 }
    774 
    775 typedef SigningOperationsTest ExportKeyTest;
    776 TEST_F(ExportKeyTest, RsaSuccess) {
    777     GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */);
    778 
    779     ExportKeyRequest request;
    780     ExportKeyResponse response;
    781     AddClientParams(&request.additional_params);
    782     request.key_format = KM_KEY_FORMAT_X509;
    783     request.SetKeyMaterial(key_blob());
    784 
    785     device.ExportKey(request, &response);
    786     ASSERT_EQ(KM_ERROR_OK, response.error);
    787     EXPECT_TRUE(response.key_data != NULL);
    788 
    789     // TODO(swillden): Verify that the exported key is actually usable to verify signatures.
    790 }
    791 
    792 TEST_F(ExportKeyTest, DsaSuccess) {
    793     GenerateKey(KM_ALGORITHM_DSA, KM_DIGEST_NONE, KM_PAD_NONE, 1024 /* key size */);
    794 
    795     ExportKeyRequest request;
    796     ExportKeyResponse response;
    797     AddClientParams(&request.additional_params);
    798     request.key_format = KM_KEY_FORMAT_X509;
    799     request.SetKeyMaterial(key_blob());
    800 
    801     device.ExportKey(request, &response);
    802     ASSERT_EQ(KM_ERROR_OK, response.error);
    803     EXPECT_TRUE(response.key_data != NULL);
    804 
    805     // TODO(swillden): Verify that the exported key is actually usable to verify signatures.
    806 }
    807 
    808 TEST_F(ExportKeyTest, EcdsaSuccess) {
    809     GenerateKey(KM_ALGORITHM_ECDSA, KM_DIGEST_NONE, KM_PAD_NONE, 192 /* key size */);
    810 
    811     ExportKeyRequest request;
    812     ExportKeyResponse response;
    813     AddClientParams(&request.additional_params);
    814     request.key_format = KM_KEY_FORMAT_X509;
    815     request.SetKeyMaterial(key_blob());
    816 
    817     device.ExportKey(request, &response);
    818     ASSERT_EQ(KM_ERROR_OK, response.error);
    819     EXPECT_TRUE(response.key_data != NULL);
    820 
    821     // TODO(swillden): Verify that the exported key is actually usable to verify signatures.
    822 }
    823 
    824 TEST_F(ExportKeyTest, RsaUnsupportedKeyFormat) {
    825     GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256);
    826 
    827     ExportKeyRequest request;
    828     ExportKeyResponse response;
    829     AddClientParams(&request.additional_params);
    830 
    831     /* We have no other defined export formats defined. */
    832     request.key_format = KM_KEY_FORMAT_PKCS8;
    833     request.SetKeyMaterial(key_blob());
    834 
    835     device.ExportKey(request, &response);
    836     ASSERT_EQ(KM_ERROR_UNSUPPORTED_KEY_FORMAT, response.error);
    837     EXPECT_TRUE(response.key_data == NULL);
    838 }
    839 
    840 TEST_F(ExportKeyTest, RsaCorruptedKeyBlob) {
    841     GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256);
    842 
    843     ExportKeyRequest request;
    844     ExportKeyResponse response;
    845     AddClientParams(&request.additional_params);
    846     request.key_format = KM_KEY_FORMAT_X509;
    847     request.SetKeyMaterial(corrupt_key_blob());
    848 
    849     device.ExportKey(request, &response);
    850     ASSERT_EQ(KM_ERROR_INVALID_KEY_BLOB, response.error);
    851     ASSERT_TRUE(response.key_data == NULL);
    852 }
    853 
    854 static string read_file(const string& file_name) {
    855     ifstream file_stream(file_name, std::ios::binary);
    856     istreambuf_iterator<char> file_begin(file_stream);
    857     istreambuf_iterator<char> file_end;
    858     return string(file_begin, file_end);
    859 }
    860 
    861 typedef SigningOperationsTest ImportKeyTest;
    862 TEST_F(ImportKeyTest, RsaSuccess) {
    863     keymaster_key_param_t params[] = {
    864         Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
    865         Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
    866         Authorization(TAG_DIGEST, KM_DIGEST_NONE),
    867         Authorization(TAG_PADDING, KM_PAD_NONE),
    868         Authorization(TAG_USER_ID, 7),
    869         Authorization(TAG_USER_AUTH_ID, 8),
    870         Authorization(TAG_APPLICATION_ID, "app_id", 6),
    871         Authorization(TAG_AUTH_TIMEOUT, 300),
    872     };
    873 
    874     string pk8_key = read_file("rsa_privkey_pk8.der");
    875     ASSERT_EQ(633U, pk8_key.size());
    876 
    877     ImportKeyRequest import_request;
    878     import_request.key_description.Reinitialize(params, array_length(params));
    879     import_request.key_format = KM_KEY_FORMAT_PKCS8;
    880     import_request.SetKeyMaterial(pk8_key.data(), pk8_key.size());
    881 
    882     ImportKeyResponse import_response;
    883     device.ImportKey(import_request, &import_response);
    884     ASSERT_EQ(KM_ERROR_OK, import_response.error);
    885     EXPECT_EQ(0U, import_response.enforced.size());
    886     EXPECT_GT(import_response.unenforced.size(), 0U);
    887 
    888     // Check values derived from the key.
    889     EXPECT_TRUE(contains(import_response.unenforced, TAG_ALGORITHM, KM_ALGORITHM_RSA));
    890     EXPECT_TRUE(contains(import_response.unenforced, TAG_KEY_SIZE, 1024));
    891     EXPECT_TRUE(contains(import_response.unenforced, TAG_RSA_PUBLIC_EXPONENT, 65537U));
    892 
    893     // And values provided by GoogleKeymaster
    894     EXPECT_TRUE(contains(import_response.unenforced, TAG_ORIGIN, KM_ORIGIN_IMPORTED));
    895     EXPECT_TRUE(contains(import_response.unenforced, KM_TAG_CREATION_DATETIME));
    896 
    897     size_t message_len = 1024 / 8;
    898     UniquePtr<uint8_t[]> message(new uint8_t[message_len]);
    899     std::fill(message.get(), message.get() + message_len, 'a');
    900     SignMessage(import_response.key_blob, message.get(), message_len);
    901     ASSERT_TRUE(signature() != NULL);
    902 
    903     BeginOperationRequest begin_request;
    904     BeginOperationResponse begin_response;
    905     begin_request.SetKeyMaterial(import_response.key_blob);
    906     begin_request.purpose = KM_PURPOSE_VERIFY;
    907     AddClientParams(&begin_request.additional_params);
    908 
    909     device.BeginOperation(begin_request, &begin_response);
    910     ASSERT_EQ(KM_ERROR_OK, begin_response.error);
    911 
    912     UpdateOperationRequest update_request;
    913     UpdateOperationResponse update_response;
    914     update_request.op_handle = begin_response.op_handle;
    915     update_request.input.Reinitialize(message.get(), message_len);
    916     EXPECT_EQ(message_len, update_request.input.available_read());
    917 
    918     device.UpdateOperation(update_request, &update_response);
    919     ASSERT_EQ(KM_ERROR_OK, update_response.error);
    920     EXPECT_EQ(0U, update_response.output.available_read());
    921 
    922     FinishOperationRequest finish_request;
    923     finish_request.op_handle = begin_response.op_handle;
    924     finish_request.signature.Reinitialize(*signature());
    925     FinishOperationResponse finish_response;
    926     device.FinishOperation(finish_request, &finish_response);
    927     ASSERT_EQ(KM_ERROR_OK, finish_response.error);
    928     EXPECT_EQ(0U, finish_response.output.available_read());
    929 
    930     EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
    931 }
    932 
    933 TEST_F(ImportKeyTest, DsaSuccess) {
    934     keymaster_key_param_t params[] = {
    935         Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
    936         Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
    937         Authorization(TAG_DIGEST, KM_DIGEST_NONE),
    938         Authorization(TAG_PADDING, KM_PAD_NONE),
    939         Authorization(TAG_USER_ID, 7),
    940         Authorization(TAG_USER_AUTH_ID, 8),
    941         Authorization(TAG_APPLICATION_ID, "app_id", 6),
    942         Authorization(TAG_AUTH_TIMEOUT, 300),
    943     };
    944 
    945     string pk8_key = read_file("dsa_privkey_pk8.der");
    946     ASSERT_EQ(335U, pk8_key.size());
    947 
    948     ImportKeyRequest import_request;
    949     import_request.key_description.Reinitialize(params, array_length(params));
    950     import_request.key_format = KM_KEY_FORMAT_PKCS8;
    951     import_request.SetKeyMaterial(pk8_key.data(), pk8_key.size());
    952 
    953     ImportKeyResponse import_response;
    954     device.ImportKey(import_request, &import_response);
    955     ASSERT_EQ(KM_ERROR_OK, import_response.error);
    956     EXPECT_EQ(0U, import_response.enforced.size());
    957     EXPECT_GT(import_response.unenforced.size(), 0U);
    958 
    959     // Check values derived from the key.
    960     EXPECT_TRUE(contains(import_response.unenforced, TAG_ALGORITHM, KM_ALGORITHM_DSA));
    961     EXPECT_TRUE(contains(import_response.unenforced, TAG_KEY_SIZE, 1024));
    962 
    963     // And values provided by GoogleKeymaster
    964     EXPECT_TRUE(contains(import_response.unenforced, TAG_ORIGIN, KM_ORIGIN_IMPORTED));
    965     EXPECT_TRUE(contains(import_response.unenforced, KM_TAG_CREATION_DATETIME));
    966 
    967     size_t message_len = 48;
    968     UniquePtr<uint8_t[]> message(new uint8_t[message_len]);
    969     std::fill(message.get(), message.get() + message_len, 'a');
    970     SignMessage(import_response.key_blob, message.get(), message_len);
    971     ASSERT_TRUE(signature() != NULL);
    972 
    973     BeginOperationRequest begin_request;
    974     BeginOperationResponse begin_response;
    975     begin_request.SetKeyMaterial(import_response.key_blob);
    976     begin_request.purpose = KM_PURPOSE_VERIFY;
    977     AddClientParams(&begin_request.additional_params);
    978 
    979     device.BeginOperation(begin_request, &begin_response);
    980     ASSERT_EQ(KM_ERROR_OK, begin_response.error);
    981 
    982     UpdateOperationRequest update_request;
    983     UpdateOperationResponse update_response;
    984     update_request.op_handle = begin_response.op_handle;
    985     update_request.input.Reinitialize(message.get(), message_len);
    986     EXPECT_EQ(message_len, update_request.input.available_read());
    987 
    988     device.UpdateOperation(update_request, &update_response);
    989     ASSERT_EQ(KM_ERROR_OK, update_response.error);
    990     EXPECT_EQ(0U, update_response.output.available_read());
    991 
    992     FinishOperationRequest finish_request;
    993     finish_request.op_handle = begin_response.op_handle;
    994     finish_request.signature.Reinitialize(*signature());
    995     FinishOperationResponse finish_response;
    996     device.FinishOperation(finish_request, &finish_response);
    997     ASSERT_EQ(KM_ERROR_OK, finish_response.error);
    998     EXPECT_EQ(0U, finish_response.output.available_read());
    999 
   1000     EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
   1001 }
   1002 
   1003 TEST_F(ImportKeyTest, EcdsaSuccess) {
   1004     keymaster_key_param_t params[] = {
   1005         Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
   1006         Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
   1007         Authorization(TAG_DIGEST, KM_DIGEST_NONE),
   1008         Authorization(TAG_PADDING, KM_PAD_NONE),
   1009         Authorization(TAG_USER_ID, 7),
   1010         Authorization(TAG_USER_AUTH_ID, 8),
   1011         Authorization(TAG_APPLICATION_ID, "app_id", 6),
   1012         Authorization(TAG_AUTH_TIMEOUT, 300),
   1013     };
   1014 
   1015     string pk8_key = read_file("ec_privkey_pk8.der");
   1016     ASSERT_EQ(138U, pk8_key.size());
   1017 
   1018     ImportKeyRequest import_request;
   1019     import_request.key_description.Reinitialize(params, array_length(params));
   1020     import_request.key_format = KM_KEY_FORMAT_PKCS8;
   1021     import_request.SetKeyMaterial(pk8_key.data(), pk8_key.size());
   1022 
   1023     ImportKeyResponse import_response;
   1024     device.ImportKey(import_request, &import_response);
   1025     ASSERT_EQ(KM_ERROR_OK, import_response.error);
   1026     EXPECT_EQ(0U, import_response.enforced.size());
   1027     EXPECT_GT(import_response.unenforced.size(), 0U);
   1028 
   1029     // Check values derived from the key.
   1030     EXPECT_TRUE(contains(import_response.unenforced, TAG_ALGORITHM, KM_ALGORITHM_ECDSA));
   1031     EXPECT_TRUE(contains(import_response.unenforced, TAG_KEY_SIZE, 256));
   1032 
   1033     // And values provided by GoogleKeymaster
   1034     EXPECT_TRUE(contains(import_response.unenforced, TAG_ORIGIN, KM_ORIGIN_IMPORTED));
   1035     EXPECT_TRUE(contains(import_response.unenforced, KM_TAG_CREATION_DATETIME));
   1036 
   1037     size_t message_len = 1024 / 8;
   1038     UniquePtr<uint8_t[]> message(new uint8_t[message_len]);
   1039     std::fill(message.get(), message.get() + message_len, 'a');
   1040     SignMessage(import_response.key_blob, message.get(), message_len);
   1041     ASSERT_TRUE(signature() != NULL);
   1042 
   1043     BeginOperationRequest begin_request;
   1044     BeginOperationResponse begin_response;
   1045     begin_request.SetKeyMaterial(import_response.key_blob);
   1046     begin_request.purpose = KM_PURPOSE_VERIFY;
   1047     AddClientParams(&begin_request.additional_params);
   1048 
   1049     device.BeginOperation(begin_request, &begin_response);
   1050     ASSERT_EQ(KM_ERROR_OK, begin_response.error);
   1051 
   1052     UpdateOperationRequest update_request;
   1053     UpdateOperationResponse update_response;
   1054     update_request.op_handle = begin_response.op_handle;
   1055     update_request.input.Reinitialize(message.get(), message_len);
   1056     EXPECT_EQ(message_len, update_request.input.available_read());
   1057 
   1058     device.UpdateOperation(update_request, &update_response);
   1059     ASSERT_EQ(KM_ERROR_OK, update_response.error);
   1060     EXPECT_EQ(0U, update_response.output.available_read());
   1061 
   1062     FinishOperationRequest finish_request;
   1063     finish_request.op_handle = begin_response.op_handle;
   1064     finish_request.signature.Reinitialize(*signature());
   1065     FinishOperationResponse finish_response;
   1066     device.FinishOperation(finish_request, &finish_response);
   1067     ASSERT_EQ(KM_ERROR_OK, finish_response.error);
   1068     EXPECT_EQ(0U, finish_response.output.available_read());
   1069 
   1070     EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));
   1071 }
   1072 
   1073 }  // namespace test
   1074 }  // namespace keymaster
   1075