1 /* 2 * Copyright (C) 2014 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #include <string> 18 #include <fstream> 19 20 #include <gtest/gtest.h> 21 22 #include <openssl/engine.h> 23 24 #include <keymaster/google_keymaster_utils.h> 25 #include <keymaster/keymaster_tags.h> 26 27 #include "google_keymaster_test_utils.h" 28 #include "google_softkeymaster.h" 29 30 using std::string; 31 using std::ifstream; 32 using std::istreambuf_iterator; 33 34 int main(int argc, char** argv) { 35 ::testing::InitGoogleTest(&argc, argv); 36 int result = RUN_ALL_TESTS(); 37 // Clean up stuff OpenSSL leaves around, so Valgrind doesn't complain. 38 CRYPTO_cleanup_all_ex_data(); 39 ERR_free_strings(); 40 return result; 41 } 42 43 namespace keymaster { 44 namespace test { 45 46 class KeymasterTest : public testing::Test { 47 protected: 48 KeymasterTest() : device(5, new StdoutLogger) { RAND_seed("foobar", 6); } 49 ~KeymasterTest() {} 50 51 GoogleSoftKeymaster device; 52 }; 53 54 typedef KeymasterTest CheckSupported; 55 TEST_F(CheckSupported, SupportedAlgorithms) { 56 // Shouldn't blow up on NULL. 57 device.SupportedAlgorithms(NULL); 58 59 SupportedResponse<keymaster_algorithm_t> response; 60 device.SupportedAlgorithms(&response); 61 EXPECT_EQ(KM_ERROR_OK, response.error); 62 EXPECT_EQ(3U, response.results_length); 63 EXPECT_EQ(KM_ALGORITHM_RSA, response.results[0]); 64 EXPECT_EQ(KM_ALGORITHM_DSA, response.results[1]); 65 EXPECT_EQ(KM_ALGORITHM_ECDSA, response.results[2]); 66 } 67 68 TEST_F(CheckSupported, SupportedBlockModes) { 69 // Shouldn't blow up on NULL. 70 device.SupportedBlockModes(KM_ALGORITHM_RSA, NULL); 71 72 SupportedResponse<keymaster_block_mode_t> response; 73 device.SupportedBlockModes(KM_ALGORITHM_RSA, &response); 74 EXPECT_EQ(KM_ERROR_OK, response.error); 75 EXPECT_EQ(0U, response.results_length); 76 77 device.SupportedBlockModes(KM_ALGORITHM_DSA, &response); 78 EXPECT_EQ(KM_ERROR_OK, response.error); 79 EXPECT_EQ(0U, response.results_length); 80 81 device.SupportedBlockModes(KM_ALGORITHM_ECDSA, &response); 82 EXPECT_EQ(KM_ERROR_OK, response.error); 83 EXPECT_EQ(0U, response.results_length); 84 85 device.SupportedBlockModes(KM_ALGORITHM_AES, &response); 86 EXPECT_EQ(KM_ERROR_UNSUPPORTED_ALGORITHM, response.error); 87 } 88 89 TEST_F(CheckSupported, SupportedPaddingModes) { 90 // Shouldn't blow up on NULL. 91 device.SupportedPaddingModes(KM_ALGORITHM_RSA, NULL); 92 93 SupportedResponse<keymaster_padding_t> response; 94 device.SupportedPaddingModes(KM_ALGORITHM_RSA, &response); 95 EXPECT_EQ(KM_ERROR_OK, response.error); 96 EXPECT_EQ(1U, response.results_length); 97 EXPECT_EQ(KM_PAD_NONE, response.results[0]); 98 99 device.SupportedPaddingModes(KM_ALGORITHM_DSA, &response); 100 EXPECT_EQ(KM_ERROR_OK, response.error); 101 EXPECT_EQ(1U, response.results_length); 102 EXPECT_EQ(KM_PAD_NONE, response.results[0]); 103 104 device.SupportedPaddingModes(KM_ALGORITHM_ECDSA, &response); 105 EXPECT_EQ(KM_ERROR_OK, response.error); 106 EXPECT_EQ(1U, response.results_length); 107 EXPECT_EQ(KM_PAD_NONE, response.results[0]); 108 109 device.SupportedPaddingModes(KM_ALGORITHM_AES, &response); 110 EXPECT_EQ(KM_ERROR_UNSUPPORTED_ALGORITHM, response.error); 111 } 112 113 TEST_F(CheckSupported, SupportedDigests) { 114 // Shouldn't blow up on NULL. 115 device.SupportedDigests(KM_ALGORITHM_RSA, NULL); 116 117 SupportedResponse<keymaster_digest_t> response; 118 device.SupportedDigests(KM_ALGORITHM_RSA, &response); 119 EXPECT_EQ(KM_ERROR_OK, response.error); 120 EXPECT_EQ(1U, response.results_length); 121 EXPECT_EQ(KM_DIGEST_NONE, response.results[0]); 122 123 device.SupportedDigests(KM_ALGORITHM_DSA, &response); 124 EXPECT_EQ(KM_ERROR_OK, response.error); 125 EXPECT_EQ(1U, response.results_length); 126 EXPECT_EQ(KM_DIGEST_NONE, response.results[0]); 127 128 device.SupportedDigests(KM_ALGORITHM_ECDSA, &response); 129 EXPECT_EQ(KM_ERROR_OK, response.error); 130 EXPECT_EQ(1U, response.results_length); 131 EXPECT_EQ(KM_DIGEST_NONE, response.results[0]); 132 133 device.SupportedDigests(KM_ALGORITHM_AES, &response); 134 EXPECT_EQ(KM_ERROR_UNSUPPORTED_ALGORITHM, response.error); 135 } 136 137 TEST_F(CheckSupported, SupportedImportFormats) { 138 // Shouldn't blow up on NULL. 139 device.SupportedImportFormats(KM_ALGORITHM_RSA, NULL); 140 141 SupportedResponse<keymaster_key_format_t> response; 142 device.SupportedImportFormats(KM_ALGORITHM_RSA, &response); 143 EXPECT_EQ(KM_ERROR_OK, response.error); 144 EXPECT_EQ(1U, response.results_length); 145 EXPECT_EQ(KM_KEY_FORMAT_PKCS8, response.results[0]); 146 147 device.SupportedImportFormats(KM_ALGORITHM_DSA, &response); 148 EXPECT_EQ(KM_ERROR_OK, response.error); 149 EXPECT_EQ(1U, response.results_length); 150 EXPECT_EQ(KM_KEY_FORMAT_PKCS8, response.results[0]); 151 152 device.SupportedImportFormats(KM_ALGORITHM_ECDSA, &response); 153 EXPECT_EQ(KM_ERROR_OK, response.error); 154 EXPECT_EQ(1U, response.results_length); 155 EXPECT_EQ(KM_KEY_FORMAT_PKCS8, response.results[0]); 156 157 device.SupportedImportFormats(KM_ALGORITHM_AES, &response); 158 EXPECT_EQ(KM_ERROR_UNSUPPORTED_ALGORITHM, response.error); 159 } 160 161 TEST_F(CheckSupported, SupportedExportFormats) { 162 // Shouldn't blow up on NULL. 163 device.SupportedExportFormats(KM_ALGORITHM_RSA, NULL); 164 165 SupportedResponse<keymaster_key_format_t> response; 166 device.SupportedExportFormats(KM_ALGORITHM_RSA, &response); 167 EXPECT_EQ(KM_ERROR_OK, response.error); 168 EXPECT_EQ(1U, response.results_length); 169 EXPECT_EQ(KM_KEY_FORMAT_X509, response.results[0]); 170 171 device.SupportedExportFormats(KM_ALGORITHM_DSA, &response); 172 EXPECT_EQ(KM_ERROR_OK, response.error); 173 EXPECT_EQ(1U, response.results_length); 174 EXPECT_EQ(KM_KEY_FORMAT_X509, response.results[0]); 175 176 device.SupportedExportFormats(KM_ALGORITHM_ECDSA, &response); 177 EXPECT_EQ(KM_ERROR_OK, response.error); 178 EXPECT_EQ(1U, response.results_length); 179 EXPECT_EQ(KM_KEY_FORMAT_X509, response.results[0]); 180 181 device.SupportedExportFormats(KM_ALGORITHM_AES, &response); 182 EXPECT_EQ(KM_ERROR_UNSUPPORTED_ALGORITHM, response.error); 183 } 184 185 typedef KeymasterTest NewKeyGeneration; 186 TEST_F(NewKeyGeneration, Rsa) { 187 keymaster_key_param_t params[] = { 188 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), 189 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY), 190 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA), 191 Authorization(TAG_KEY_SIZE, 256), 192 Authorization(TAG_USER_ID, 7), 193 Authorization(TAG_USER_AUTH_ID, 8), 194 Authorization(TAG_APPLICATION_ID, "app_id", 6), 195 Authorization(TAG_APPLICATION_DATA, "app_data", 8), 196 Authorization(TAG_AUTH_TIMEOUT, 300), 197 }; 198 GenerateKeyRequest req; 199 req.key_description.Reinitialize(params, array_length(params)); 200 GenerateKeyResponse rsp; 201 202 device.GenerateKey(req, &rsp); 203 204 ASSERT_EQ(KM_ERROR_OK, rsp.error); 205 EXPECT_EQ(0U, rsp.enforced.size()); 206 EXPECT_EQ(12U, rsp.enforced.SerializedSize()); 207 EXPECT_GT(rsp.unenforced.SerializedSize(), 12U); 208 209 // Check specified tags are all present in unenforced characteristics 210 EXPECT_TRUE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_SIGN)); 211 EXPECT_TRUE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_VERIFY)); 212 213 EXPECT_TRUE(contains(rsp.unenforced, TAG_ALGORITHM, KM_ALGORITHM_RSA)); 214 215 EXPECT_TRUE(contains(rsp.unenforced, TAG_USER_ID, 7)); 216 EXPECT_TRUE(contains(rsp.unenforced, TAG_USER_AUTH_ID, 8)); 217 EXPECT_TRUE(contains(rsp.unenforced, TAG_KEY_SIZE, 256)); 218 EXPECT_TRUE(contains(rsp.unenforced, TAG_AUTH_TIMEOUT, 300)); 219 220 // Verify that App ID, App data and ROT are NOT included. 221 EXPECT_FALSE(contains(rsp.unenforced, TAG_ROOT_OF_TRUST)); 222 EXPECT_FALSE(contains(rsp.unenforced, TAG_APPLICATION_ID)); 223 EXPECT_FALSE(contains(rsp.unenforced, TAG_APPLICATION_DATA)); 224 225 // Just for giggles, check that some unexpected tags/values are NOT present. 226 EXPECT_FALSE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_ENCRYPT)); 227 EXPECT_FALSE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_DECRYPT)); 228 EXPECT_FALSE(contains(rsp.unenforced, TAG_AUTH_TIMEOUT, 301)); 229 EXPECT_FALSE(contains(rsp.unenforced, TAG_RESCOPE_AUTH_TIMEOUT)); 230 231 // Now check that unspecified, defaulted tags are correct. 232 EXPECT_TRUE(contains(rsp.unenforced, TAG_RSA_PUBLIC_EXPONENT, 65537)); 233 EXPECT_TRUE(contains(rsp.unenforced, TAG_ORIGIN, KM_ORIGIN_SOFTWARE)); 234 EXPECT_TRUE(contains(rsp.unenforced, KM_TAG_CREATION_DATETIME)); 235 } 236 237 TEST_F(NewKeyGeneration, Dsa) { 238 keymaster_key_param_t params[] = { 239 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), 240 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY), 241 Authorization(TAG_ALGORITHM, KM_ALGORITHM_DSA), 242 Authorization(TAG_KEY_SIZE, 256), 243 Authorization(TAG_USER_ID, 7), 244 Authorization(TAG_USER_AUTH_ID, 8), 245 Authorization(TAG_APPLICATION_ID, "app_id", 6), 246 Authorization(TAG_APPLICATION_DATA, "app_data", 8), 247 Authorization(TAG_AUTH_TIMEOUT, 300), 248 }; 249 GenerateKeyRequest req; 250 req.key_description.Reinitialize(params, array_length(params)); 251 GenerateKeyResponse rsp; 252 253 device.GenerateKey(req, &rsp); 254 255 ASSERT_EQ(KM_ERROR_OK, rsp.error); 256 EXPECT_EQ(0U, rsp.enforced.size()); 257 EXPECT_EQ(12U, rsp.enforced.SerializedSize()); 258 EXPECT_GT(rsp.unenforced.SerializedSize(), 12U); 259 260 // Check specified tags are all present in unenforced characteristics 261 EXPECT_TRUE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_SIGN)); 262 EXPECT_TRUE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_VERIFY)); 263 264 EXPECT_TRUE(contains(rsp.unenforced, TAG_ALGORITHM, KM_ALGORITHM_DSA)); 265 266 EXPECT_TRUE(contains(rsp.unenforced, TAG_USER_ID, 7)); 267 EXPECT_TRUE(contains(rsp.unenforced, TAG_USER_AUTH_ID, 8)); 268 EXPECT_TRUE(contains(rsp.unenforced, TAG_KEY_SIZE, 256)); 269 EXPECT_TRUE(contains(rsp.unenforced, TAG_AUTH_TIMEOUT, 300)); 270 271 // Verify that App ID, App data and ROT are NOT included. 272 EXPECT_FALSE(contains(rsp.unenforced, TAG_ROOT_OF_TRUST)); 273 EXPECT_FALSE(contains(rsp.unenforced, TAG_APPLICATION_ID)); 274 EXPECT_FALSE(contains(rsp.unenforced, TAG_APPLICATION_DATA)); 275 276 // Just for giggles, check that some unexpected tags/values are NOT present. 277 EXPECT_FALSE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_ENCRYPT)); 278 EXPECT_FALSE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_DECRYPT)); 279 EXPECT_FALSE(contains(rsp.unenforced, TAG_AUTH_TIMEOUT, 301)); 280 EXPECT_FALSE(contains(rsp.unenforced, TAG_RESCOPE_AUTH_TIMEOUT)); 281 282 // Now check that unspecified, defaulted tags are correct. 283 EXPECT_TRUE(contains(rsp.unenforced, TAG_ORIGIN, KM_ORIGIN_SOFTWARE)); 284 EXPECT_TRUE(contains(rsp.unenforced, KM_TAG_CREATION_DATETIME)); 285 286 // Generator should have created DSA params. 287 keymaster_blob_t g, p, q; 288 EXPECT_TRUE(rsp.unenforced.GetTagValue(TAG_DSA_GENERATOR, &g)); 289 EXPECT_TRUE(rsp.unenforced.GetTagValue(TAG_DSA_P, &p)); 290 EXPECT_TRUE(rsp.unenforced.GetTagValue(TAG_DSA_Q, &q)); 291 EXPECT_TRUE(g.data_length >= 63 && g.data_length <= 64); 292 EXPECT_EQ(64U, p.data_length); 293 EXPECT_EQ(20U, q.data_length); 294 } 295 296 TEST_F(NewKeyGeneration, Ecdsa) { 297 keymaster_key_param_t params[] = { 298 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), 299 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY), 300 Authorization(TAG_ALGORITHM, KM_ALGORITHM_ECDSA), 301 Authorization(TAG_KEY_SIZE, 256), 302 Authorization(TAG_USER_ID, 7), 303 Authorization(TAG_USER_AUTH_ID, 8), 304 Authorization(TAG_APPLICATION_ID, "app_id", 6), 305 Authorization(TAG_APPLICATION_DATA, "app_data", 8), 306 Authorization(TAG_AUTH_TIMEOUT, 300), 307 }; 308 GenerateKeyRequest req; 309 req.key_description.Reinitialize(params, array_length(params)); 310 GenerateKeyResponse rsp; 311 312 device.GenerateKey(req, &rsp); 313 314 ASSERT_EQ(KM_ERROR_OK, rsp.error); 315 EXPECT_EQ(0U, rsp.enforced.size()); 316 EXPECT_EQ(12U, rsp.enforced.SerializedSize()); 317 EXPECT_GT(rsp.unenforced.SerializedSize(), 12U); 318 319 // Check specified tags are all present in unenforced characteristics 320 EXPECT_TRUE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_SIGN)); 321 EXPECT_TRUE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_VERIFY)); 322 323 EXPECT_TRUE(contains(rsp.unenforced, TAG_ALGORITHM, KM_ALGORITHM_ECDSA)); 324 325 EXPECT_TRUE(contains(rsp.unenforced, TAG_USER_ID, 7)); 326 EXPECT_TRUE(contains(rsp.unenforced, TAG_USER_AUTH_ID, 8)); 327 EXPECT_TRUE(contains(rsp.unenforced, TAG_KEY_SIZE, 256)); 328 EXPECT_TRUE(contains(rsp.unenforced, TAG_AUTH_TIMEOUT, 300)); 329 330 // Verify that App ID, App data and ROT are NOT included. 331 EXPECT_FALSE(contains(rsp.unenforced, TAG_ROOT_OF_TRUST)); 332 EXPECT_FALSE(contains(rsp.unenforced, TAG_APPLICATION_ID)); 333 EXPECT_FALSE(contains(rsp.unenforced, TAG_APPLICATION_DATA)); 334 335 // Just for giggles, check that some unexpected tags/values are NOT present. 336 EXPECT_FALSE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_ENCRYPT)); 337 EXPECT_FALSE(contains(rsp.unenforced, TAG_PURPOSE, KM_PURPOSE_DECRYPT)); 338 EXPECT_FALSE(contains(rsp.unenforced, TAG_AUTH_TIMEOUT, 301)); 339 EXPECT_FALSE(contains(rsp.unenforced, TAG_RESCOPE_AUTH_TIMEOUT)); 340 341 // Now check that unspecified, defaulted tags are correct. 342 EXPECT_TRUE(contains(rsp.unenforced, TAG_ORIGIN, KM_ORIGIN_SOFTWARE)); 343 EXPECT_TRUE(contains(rsp.unenforced, KM_TAG_CREATION_DATETIME)); 344 } 345 346 typedef KeymasterTest GetKeyCharacteristics; 347 TEST_F(GetKeyCharacteristics, SimpleRsa) { 348 keymaster_key_param_t params[] = { 349 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), 350 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY), 351 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA), 352 Authorization(TAG_KEY_SIZE, 256), 353 Authorization(TAG_USER_ID, 7), 354 Authorization(TAG_USER_AUTH_ID, 8), 355 Authorization(TAG_APPLICATION_ID, "app_id", 6), 356 Authorization(TAG_AUTH_TIMEOUT, 300), 357 }; 358 359 GenerateKeyRequest gen_req; 360 gen_req.key_description.Reinitialize(params, array_length(params)); 361 GenerateKeyResponse gen_rsp; 362 363 device.GenerateKey(gen_req, &gen_rsp); 364 ASSERT_EQ(KM_ERROR_OK, gen_rsp.error); 365 366 GetKeyCharacteristicsRequest req; 367 req.SetKeyMaterial(gen_rsp.key_blob); 368 req.additional_params.push_back(TAG_APPLICATION_ID, "app_id", 6); 369 370 GetKeyCharacteristicsResponse rsp; 371 device.GetKeyCharacteristics(req, &rsp); 372 ASSERT_EQ(KM_ERROR_OK, rsp.error); 373 374 EXPECT_EQ(gen_rsp.enforced, rsp.enforced); 375 EXPECT_EQ(gen_rsp.unenforced, rsp.unenforced); 376 } 377 378 /** 379 * Test class that provides some infrastructure for generating keys and signing messages. 380 */ 381 class SigningOperationsTest : public KeymasterTest { 382 protected: 383 void GenerateKey(keymaster_algorithm_t algorithm, keymaster_digest_t digest, 384 keymaster_padding_t padding, uint32_t key_size) { 385 keymaster_key_param_t params[] = { 386 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), 387 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY), 388 Authorization(TAG_ALGORITHM, algorithm), 389 Authorization(TAG_KEY_SIZE, key_size), 390 Authorization(TAG_USER_ID, 7), 391 Authorization(TAG_USER_AUTH_ID, 8), 392 Authorization(TAG_APPLICATION_ID, "app_id", 6), 393 Authorization(TAG_AUTH_TIMEOUT, 300), 394 }; 395 GenerateKeyRequest generate_request; 396 generate_request.key_description.Reinitialize(params, array_length(params)); 397 if (static_cast<int>(digest) != -1) 398 generate_request.key_description.push_back(TAG_DIGEST, digest); 399 if (static_cast<int>(padding) != -1) 400 generate_request.key_description.push_back(TAG_PADDING, padding); 401 device.GenerateKey(generate_request, &generate_response_); 402 EXPECT_EQ(KM_ERROR_OK, generate_response_.error); 403 } 404 405 void SignMessage(const void* message, size_t size) { 406 SignMessage(generate_response_.key_blob, message, size); 407 } 408 409 void SignMessage(const keymaster_key_blob_t& key_blob, const void* message, size_t size) { 410 BeginOperationRequest begin_request; 411 BeginOperationResponse begin_response; 412 begin_request.SetKeyMaterial(key_blob); 413 begin_request.purpose = KM_PURPOSE_SIGN; 414 AddClientParams(&begin_request.additional_params); 415 416 device.BeginOperation(begin_request, &begin_response); 417 ASSERT_EQ(KM_ERROR_OK, begin_response.error); 418 419 UpdateOperationRequest update_request; 420 UpdateOperationResponse update_response; 421 update_request.op_handle = begin_response.op_handle; 422 update_request.input.Reinitialize(message, size); 423 EXPECT_EQ(size, update_request.input.available_read()); 424 425 device.UpdateOperation(update_request, &update_response); 426 ASSERT_EQ(KM_ERROR_OK, update_response.error); 427 EXPECT_EQ(0U, update_response.output.available_read()); 428 429 FinishOperationRequest finish_request; 430 finish_request.op_handle = begin_response.op_handle; 431 device.FinishOperation(finish_request, &finish_response_); 432 ASSERT_EQ(KM_ERROR_OK, finish_response_.error); 433 EXPECT_GT(finish_response_.output.available_read(), 0U); 434 } 435 436 void AddClientParams(AuthorizationSet* set) { set->push_back(TAG_APPLICATION_ID, "app_id", 6); } 437 438 const keymaster_key_blob_t& key_blob() { return generate_response_.key_blob; } 439 440 const keymaster_key_blob_t& corrupt_key_blob() { 441 uint8_t* tmp = const_cast<uint8_t*>(generate_response_.key_blob.key_material); 442 ++tmp[generate_response_.key_blob.key_material_size / 2]; 443 return generate_response_.key_blob; 444 } 445 446 Buffer* signature() { 447 if (finish_response_.error == KM_ERROR_OK) 448 return &finish_response_.output; 449 return NULL; 450 } 451 452 private: 453 GenerateKeyResponse generate_response_; 454 FinishOperationResponse finish_response_; 455 }; 456 457 TEST_F(SigningOperationsTest, RsaSuccess) { 458 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */); 459 const char message[] = "12345678901234567890123456789012"; 460 461 BeginOperationRequest begin_request; 462 BeginOperationResponse begin_response; 463 begin_request.SetKeyMaterial(key_blob()); 464 begin_request.purpose = KM_PURPOSE_SIGN; 465 AddClientParams(&begin_request.additional_params); 466 467 device.BeginOperation(begin_request, &begin_response); 468 ASSERT_EQ(KM_ERROR_OK, begin_response.error); 469 470 UpdateOperationRequest update_request; 471 UpdateOperationResponse update_response; 472 update_request.op_handle = begin_response.op_handle; 473 update_request.input.Reinitialize(message, array_size(message) - 1); 474 EXPECT_EQ(array_size(message) - 1, update_request.input.available_read()); 475 476 device.UpdateOperation(update_request, &update_response); 477 ASSERT_EQ(KM_ERROR_OK, update_response.error); 478 EXPECT_EQ(0U, update_response.output.available_read()); 479 480 FinishOperationRequest finish_request; 481 finish_request.op_handle = begin_response.op_handle; 482 FinishOperationResponse finish_response; 483 device.FinishOperation(finish_request, &finish_response); 484 ASSERT_EQ(KM_ERROR_OK, finish_response.error); 485 EXPECT_GT(finish_response.output.available_read(), 0U); 486 487 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle)); 488 } 489 490 TEST_F(SigningOperationsTest, DsaSuccess) { 491 GenerateKey(KM_ALGORITHM_DSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */); 492 493 BeginOperationRequest begin_request; 494 BeginOperationResponse begin_response; 495 begin_request.SetKeyMaterial(key_blob()); 496 begin_request.purpose = KM_PURPOSE_SIGN; 497 AddClientParams(&begin_request.additional_params); 498 499 device.BeginOperation(begin_request, &begin_response); 500 ASSERT_EQ(KM_ERROR_OK, begin_response.error); 501 502 UpdateOperationRequest update_request; 503 UpdateOperationResponse update_response; 504 update_request.op_handle = begin_response.op_handle; 505 update_request.input.Reinitialize("123456789012345678901234567890123456789012345678", 48); 506 EXPECT_EQ(48U, update_request.input.available_read()); 507 508 device.UpdateOperation(update_request, &update_response); 509 ASSERT_EQ(KM_ERROR_OK, update_response.error); 510 EXPECT_EQ(0U, update_response.output.available_read()); 511 512 FinishOperationRequest finish_request; 513 finish_request.op_handle = begin_response.op_handle; 514 FinishOperationResponse finish_response; 515 device.FinishOperation(finish_request, &finish_response); 516 ASSERT_EQ(KM_ERROR_OK, finish_response.error); 517 EXPECT_GT(finish_response.output.available_read(), 0U); 518 519 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle)); 520 } 521 522 TEST_F(SigningOperationsTest, EcdsaSuccess) { 523 GenerateKey(KM_ALGORITHM_ECDSA, KM_DIGEST_NONE, KM_PAD_NONE, 192 /* key size */); 524 525 BeginOperationRequest begin_request; 526 BeginOperationResponse begin_response; 527 begin_request.SetKeyMaterial(key_blob()); 528 begin_request.purpose = KM_PURPOSE_SIGN; 529 AddClientParams(&begin_request.additional_params); 530 531 device.BeginOperation(begin_request, &begin_response); 532 ASSERT_EQ(KM_ERROR_OK, begin_response.error); 533 534 UpdateOperationRequest update_request; 535 UpdateOperationResponse update_response; 536 update_request.op_handle = begin_response.op_handle; 537 update_request.input.Reinitialize("123456789012345678901234567890123456789012345678", 48); 538 EXPECT_EQ(48U, update_request.input.available_read()); 539 540 device.UpdateOperation(update_request, &update_response); 541 ASSERT_EQ(KM_ERROR_OK, update_response.error); 542 EXPECT_EQ(0U, update_response.output.available_read()); 543 544 FinishOperationRequest finish_request; 545 finish_request.op_handle = begin_response.op_handle; 546 FinishOperationResponse finish_response; 547 device.FinishOperation(finish_request, &finish_response); 548 ASSERT_EQ(KM_ERROR_OK, finish_response.error); 549 EXPECT_GT(finish_response.output.available_read(), 0U); 550 551 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle)); 552 } 553 554 TEST_F(SigningOperationsTest, RsaAbort) { 555 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */); 556 557 BeginOperationRequest begin_request; 558 BeginOperationResponse begin_response; 559 begin_request.SetKeyMaterial(key_blob()); 560 begin_request.purpose = KM_PURPOSE_SIGN; 561 AddClientParams(&begin_request.additional_params); 562 563 device.BeginOperation(begin_request, &begin_response); 564 ASSERT_EQ(KM_ERROR_OK, begin_response.error); 565 566 EXPECT_EQ(KM_ERROR_OK, device.AbortOperation(begin_response.op_handle)); 567 568 // Another abort should fail 569 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle)); 570 } 571 572 TEST_F(SigningOperationsTest, RsaUnsupportedDigest) { 573 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_SHA_2_256, KM_PAD_NONE, 256 /* key size */); 574 575 BeginOperationRequest begin_request; 576 BeginOperationResponse begin_response; 577 begin_request.purpose = KM_PURPOSE_SIGN; 578 begin_request.SetKeyMaterial(key_blob()); 579 AddClientParams(&begin_request.additional_params); 580 581 device.BeginOperation(begin_request, &begin_response); 582 ASSERT_EQ(KM_ERROR_UNSUPPORTED_DIGEST, begin_response.error); 583 584 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle)); 585 } 586 587 TEST_F(SigningOperationsTest, RsaUnsupportedPadding) { 588 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_RSA_OAEP, 256 /* key size */); 589 590 BeginOperationRequest begin_request; 591 BeginOperationResponse begin_response; 592 begin_request.purpose = KM_PURPOSE_SIGN; 593 begin_request.SetKeyMaterial(key_blob()); 594 AddClientParams(&begin_request.additional_params); 595 596 device.BeginOperation(begin_request, &begin_response); 597 ASSERT_EQ(KM_ERROR_UNSUPPORTED_PADDING_MODE, begin_response.error); 598 599 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle)); 600 } 601 602 TEST_F(SigningOperationsTest, RsaNoDigest) { 603 GenerateKey(KM_ALGORITHM_RSA, static_cast<keymaster_digest_t>(-1), KM_PAD_NONE, 604 256 /* key size */); 605 606 BeginOperationRequest begin_request; 607 BeginOperationResponse begin_response; 608 begin_request.purpose = KM_PURPOSE_SIGN; 609 begin_request.SetKeyMaterial(key_blob()); 610 AddClientParams(&begin_request.additional_params); 611 612 device.BeginOperation(begin_request, &begin_response); 613 ASSERT_EQ(KM_ERROR_UNSUPPORTED_DIGEST, begin_response.error); 614 615 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle)); 616 } 617 618 TEST_F(SigningOperationsTest, RsaNoPadding) { 619 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, static_cast<keymaster_padding_t>(-1), 620 256 /* key size */); 621 622 BeginOperationRequest begin_request; 623 BeginOperationResponse begin_response; 624 begin_request.purpose = KM_PURPOSE_SIGN; 625 begin_request.SetKeyMaterial(key_blob()); 626 AddClientParams(&begin_request.additional_params); 627 628 device.BeginOperation(begin_request, &begin_response); 629 ASSERT_EQ(KM_ERROR_UNSUPPORTED_PADDING_MODE, begin_response.error); 630 631 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle)); 632 } 633 634 TEST_F(SigningOperationsTest, RsaTooShortMessage) { 635 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */); 636 637 BeginOperationRequest begin_request; 638 BeginOperationResponse begin_response; 639 begin_request.SetKeyMaterial(key_blob()); 640 begin_request.purpose = KM_PURPOSE_SIGN; 641 AddClientParams(&begin_request.additional_params); 642 643 device.BeginOperation(begin_request, &begin_response); 644 ASSERT_EQ(KM_ERROR_OK, begin_response.error); 645 646 UpdateOperationRequest update_request; 647 UpdateOperationResponse update_response; 648 update_request.op_handle = begin_response.op_handle; 649 update_request.input.Reinitialize("01234567890123456789012345678901", 31); 650 EXPECT_EQ(31U, update_request.input.available_read()); 651 652 device.UpdateOperation(update_request, &update_response); 653 ASSERT_EQ(KM_ERROR_OK, update_response.error); 654 EXPECT_EQ(0U, update_response.output.available_read()); 655 656 FinishOperationRequest finish_request; 657 finish_request.op_handle = begin_response.op_handle; 658 FinishOperationResponse finish_response; 659 device.FinishOperation(finish_request, &finish_response); 660 ASSERT_EQ(KM_ERROR_UNKNOWN_ERROR, finish_response.error); 661 EXPECT_EQ(0U, finish_response.output.available_read()); 662 663 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle)); 664 } 665 666 typedef SigningOperationsTest VerificationOperationsTest; 667 TEST_F(VerificationOperationsTest, RsaSuccess) { 668 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */); 669 const char message[] = "12345678901234567890123456789012"; 670 SignMessage(message, array_size(message) - 1); 671 ASSERT_TRUE(signature() != NULL); 672 673 BeginOperationRequest begin_request; 674 BeginOperationResponse begin_response; 675 begin_request.SetKeyMaterial(key_blob()); 676 begin_request.purpose = KM_PURPOSE_VERIFY; 677 AddClientParams(&begin_request.additional_params); 678 679 device.BeginOperation(begin_request, &begin_response); 680 ASSERT_EQ(KM_ERROR_OK, begin_response.error); 681 682 UpdateOperationRequest update_request; 683 UpdateOperationResponse update_response; 684 update_request.op_handle = begin_response.op_handle; 685 update_request.input.Reinitialize(message, array_size(message) - 1); 686 EXPECT_EQ(array_size(message) - 1, update_request.input.available_read()); 687 688 device.UpdateOperation(update_request, &update_response); 689 ASSERT_EQ(KM_ERROR_OK, update_response.error); 690 EXPECT_EQ(0U, update_response.output.available_read()); 691 692 FinishOperationRequest finish_request; 693 finish_request.op_handle = begin_response.op_handle; 694 finish_request.signature.Reinitialize(*signature()); 695 FinishOperationResponse finish_response; 696 device.FinishOperation(finish_request, &finish_response); 697 ASSERT_EQ(KM_ERROR_OK, finish_response.error); 698 EXPECT_EQ(0U, finish_response.output.available_read()); 699 700 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle)); 701 } 702 703 TEST_F(VerificationOperationsTest, DsaSuccess) { 704 GenerateKey(KM_ALGORITHM_DSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */); 705 const char message[] = "123456789012345678901234567890123456789012345678"; 706 SignMessage(message, array_size(message) - 1); 707 ASSERT_TRUE(signature() != NULL); 708 709 BeginOperationRequest begin_request; 710 BeginOperationResponse begin_response; 711 begin_request.SetKeyMaterial(key_blob()); 712 begin_request.purpose = KM_PURPOSE_VERIFY; 713 AddClientParams(&begin_request.additional_params); 714 715 device.BeginOperation(begin_request, &begin_response); 716 ASSERT_EQ(KM_ERROR_OK, begin_response.error); 717 718 UpdateOperationRequest update_request; 719 UpdateOperationResponse update_response; 720 update_request.op_handle = begin_response.op_handle; 721 update_request.input.Reinitialize(message, array_size(message) - 1); 722 EXPECT_EQ(array_size(message) - 1, update_request.input.available_read()); 723 724 device.UpdateOperation(update_request, &update_response); 725 ASSERT_EQ(KM_ERROR_OK, update_response.error); 726 EXPECT_EQ(0U, update_response.output.available_read()); 727 728 FinishOperationRequest finish_request; 729 finish_request.op_handle = begin_response.op_handle; 730 finish_request.signature.Reinitialize(*signature()); 731 FinishOperationResponse finish_response; 732 device.FinishOperation(finish_request, &finish_response); 733 ASSERT_EQ(KM_ERROR_OK, finish_response.error); 734 EXPECT_EQ(0U, finish_response.output.available_read()); 735 736 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle)); 737 } 738 739 TEST_F(VerificationOperationsTest, EcdsaSuccess) { 740 GenerateKey(KM_ALGORITHM_ECDSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */); 741 const char message[] = "123456789012345678901234567890123456789012345678"; 742 SignMessage(message, array_size(message) - 1); 743 ASSERT_TRUE(signature() != NULL); 744 745 BeginOperationRequest begin_request; 746 BeginOperationResponse begin_response; 747 begin_request.SetKeyMaterial(key_blob()); 748 begin_request.purpose = KM_PURPOSE_VERIFY; 749 AddClientParams(&begin_request.additional_params); 750 751 device.BeginOperation(begin_request, &begin_response); 752 ASSERT_EQ(KM_ERROR_OK, begin_response.error); 753 754 UpdateOperationRequest update_request; 755 UpdateOperationResponse update_response; 756 update_request.op_handle = begin_response.op_handle; 757 update_request.input.Reinitialize(message, array_size(message) - 1); 758 EXPECT_EQ(array_size(message) - 1, update_request.input.available_read()); 759 760 device.UpdateOperation(update_request, &update_response); 761 ASSERT_EQ(KM_ERROR_OK, update_response.error); 762 EXPECT_EQ(0U, update_response.output.available_read()); 763 764 FinishOperationRequest finish_request; 765 finish_request.op_handle = begin_response.op_handle; 766 finish_request.signature.Reinitialize(*signature()); 767 FinishOperationResponse finish_response; 768 device.FinishOperation(finish_request, &finish_response); 769 ASSERT_EQ(KM_ERROR_OK, finish_response.error); 770 EXPECT_EQ(0U, finish_response.output.available_read()); 771 772 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle)); 773 } 774 775 typedef SigningOperationsTest ExportKeyTest; 776 TEST_F(ExportKeyTest, RsaSuccess) { 777 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256 /* key size */); 778 779 ExportKeyRequest request; 780 ExportKeyResponse response; 781 AddClientParams(&request.additional_params); 782 request.key_format = KM_KEY_FORMAT_X509; 783 request.SetKeyMaterial(key_blob()); 784 785 device.ExportKey(request, &response); 786 ASSERT_EQ(KM_ERROR_OK, response.error); 787 EXPECT_TRUE(response.key_data != NULL); 788 789 // TODO(swillden): Verify that the exported key is actually usable to verify signatures. 790 } 791 792 TEST_F(ExportKeyTest, DsaSuccess) { 793 GenerateKey(KM_ALGORITHM_DSA, KM_DIGEST_NONE, KM_PAD_NONE, 1024 /* key size */); 794 795 ExportKeyRequest request; 796 ExportKeyResponse response; 797 AddClientParams(&request.additional_params); 798 request.key_format = KM_KEY_FORMAT_X509; 799 request.SetKeyMaterial(key_blob()); 800 801 device.ExportKey(request, &response); 802 ASSERT_EQ(KM_ERROR_OK, response.error); 803 EXPECT_TRUE(response.key_data != NULL); 804 805 // TODO(swillden): Verify that the exported key is actually usable to verify signatures. 806 } 807 808 TEST_F(ExportKeyTest, EcdsaSuccess) { 809 GenerateKey(KM_ALGORITHM_ECDSA, KM_DIGEST_NONE, KM_PAD_NONE, 192 /* key size */); 810 811 ExportKeyRequest request; 812 ExportKeyResponse response; 813 AddClientParams(&request.additional_params); 814 request.key_format = KM_KEY_FORMAT_X509; 815 request.SetKeyMaterial(key_blob()); 816 817 device.ExportKey(request, &response); 818 ASSERT_EQ(KM_ERROR_OK, response.error); 819 EXPECT_TRUE(response.key_data != NULL); 820 821 // TODO(swillden): Verify that the exported key is actually usable to verify signatures. 822 } 823 824 TEST_F(ExportKeyTest, RsaUnsupportedKeyFormat) { 825 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256); 826 827 ExportKeyRequest request; 828 ExportKeyResponse response; 829 AddClientParams(&request.additional_params); 830 831 /* We have no other defined export formats defined. */ 832 request.key_format = KM_KEY_FORMAT_PKCS8; 833 request.SetKeyMaterial(key_blob()); 834 835 device.ExportKey(request, &response); 836 ASSERT_EQ(KM_ERROR_UNSUPPORTED_KEY_FORMAT, response.error); 837 EXPECT_TRUE(response.key_data == NULL); 838 } 839 840 TEST_F(ExportKeyTest, RsaCorruptedKeyBlob) { 841 GenerateKey(KM_ALGORITHM_RSA, KM_DIGEST_NONE, KM_PAD_NONE, 256); 842 843 ExportKeyRequest request; 844 ExportKeyResponse response; 845 AddClientParams(&request.additional_params); 846 request.key_format = KM_KEY_FORMAT_X509; 847 request.SetKeyMaterial(corrupt_key_blob()); 848 849 device.ExportKey(request, &response); 850 ASSERT_EQ(KM_ERROR_INVALID_KEY_BLOB, response.error); 851 ASSERT_TRUE(response.key_data == NULL); 852 } 853 854 static string read_file(const string& file_name) { 855 ifstream file_stream(file_name, std::ios::binary); 856 istreambuf_iterator<char> file_begin(file_stream); 857 istreambuf_iterator<char> file_end; 858 return string(file_begin, file_end); 859 } 860 861 typedef SigningOperationsTest ImportKeyTest; 862 TEST_F(ImportKeyTest, RsaSuccess) { 863 keymaster_key_param_t params[] = { 864 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), 865 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY), 866 Authorization(TAG_DIGEST, KM_DIGEST_NONE), 867 Authorization(TAG_PADDING, KM_PAD_NONE), 868 Authorization(TAG_USER_ID, 7), 869 Authorization(TAG_USER_AUTH_ID, 8), 870 Authorization(TAG_APPLICATION_ID, "app_id", 6), 871 Authorization(TAG_AUTH_TIMEOUT, 300), 872 }; 873 874 string pk8_key = read_file("rsa_privkey_pk8.der"); 875 ASSERT_EQ(633U, pk8_key.size()); 876 877 ImportKeyRequest import_request; 878 import_request.key_description.Reinitialize(params, array_length(params)); 879 import_request.key_format = KM_KEY_FORMAT_PKCS8; 880 import_request.SetKeyMaterial(pk8_key.data(), pk8_key.size()); 881 882 ImportKeyResponse import_response; 883 device.ImportKey(import_request, &import_response); 884 ASSERT_EQ(KM_ERROR_OK, import_response.error); 885 EXPECT_EQ(0U, import_response.enforced.size()); 886 EXPECT_GT(import_response.unenforced.size(), 0U); 887 888 // Check values derived from the key. 889 EXPECT_TRUE(contains(import_response.unenforced, TAG_ALGORITHM, KM_ALGORITHM_RSA)); 890 EXPECT_TRUE(contains(import_response.unenforced, TAG_KEY_SIZE, 1024)); 891 EXPECT_TRUE(contains(import_response.unenforced, TAG_RSA_PUBLIC_EXPONENT, 65537U)); 892 893 // And values provided by GoogleKeymaster 894 EXPECT_TRUE(contains(import_response.unenforced, TAG_ORIGIN, KM_ORIGIN_IMPORTED)); 895 EXPECT_TRUE(contains(import_response.unenforced, KM_TAG_CREATION_DATETIME)); 896 897 size_t message_len = 1024 / 8; 898 UniquePtr<uint8_t[]> message(new uint8_t[message_len]); 899 std::fill(message.get(), message.get() + message_len, 'a'); 900 SignMessage(import_response.key_blob, message.get(), message_len); 901 ASSERT_TRUE(signature() != NULL); 902 903 BeginOperationRequest begin_request; 904 BeginOperationResponse begin_response; 905 begin_request.SetKeyMaterial(import_response.key_blob); 906 begin_request.purpose = KM_PURPOSE_VERIFY; 907 AddClientParams(&begin_request.additional_params); 908 909 device.BeginOperation(begin_request, &begin_response); 910 ASSERT_EQ(KM_ERROR_OK, begin_response.error); 911 912 UpdateOperationRequest update_request; 913 UpdateOperationResponse update_response; 914 update_request.op_handle = begin_response.op_handle; 915 update_request.input.Reinitialize(message.get(), message_len); 916 EXPECT_EQ(message_len, update_request.input.available_read()); 917 918 device.UpdateOperation(update_request, &update_response); 919 ASSERT_EQ(KM_ERROR_OK, update_response.error); 920 EXPECT_EQ(0U, update_response.output.available_read()); 921 922 FinishOperationRequest finish_request; 923 finish_request.op_handle = begin_response.op_handle; 924 finish_request.signature.Reinitialize(*signature()); 925 FinishOperationResponse finish_response; 926 device.FinishOperation(finish_request, &finish_response); 927 ASSERT_EQ(KM_ERROR_OK, finish_response.error); 928 EXPECT_EQ(0U, finish_response.output.available_read()); 929 930 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle)); 931 } 932 933 TEST_F(ImportKeyTest, DsaSuccess) { 934 keymaster_key_param_t params[] = { 935 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), 936 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY), 937 Authorization(TAG_DIGEST, KM_DIGEST_NONE), 938 Authorization(TAG_PADDING, KM_PAD_NONE), 939 Authorization(TAG_USER_ID, 7), 940 Authorization(TAG_USER_AUTH_ID, 8), 941 Authorization(TAG_APPLICATION_ID, "app_id", 6), 942 Authorization(TAG_AUTH_TIMEOUT, 300), 943 }; 944 945 string pk8_key = read_file("dsa_privkey_pk8.der"); 946 ASSERT_EQ(335U, pk8_key.size()); 947 948 ImportKeyRequest import_request; 949 import_request.key_description.Reinitialize(params, array_length(params)); 950 import_request.key_format = KM_KEY_FORMAT_PKCS8; 951 import_request.SetKeyMaterial(pk8_key.data(), pk8_key.size()); 952 953 ImportKeyResponse import_response; 954 device.ImportKey(import_request, &import_response); 955 ASSERT_EQ(KM_ERROR_OK, import_response.error); 956 EXPECT_EQ(0U, import_response.enforced.size()); 957 EXPECT_GT(import_response.unenforced.size(), 0U); 958 959 // Check values derived from the key. 960 EXPECT_TRUE(contains(import_response.unenforced, TAG_ALGORITHM, KM_ALGORITHM_DSA)); 961 EXPECT_TRUE(contains(import_response.unenforced, TAG_KEY_SIZE, 1024)); 962 963 // And values provided by GoogleKeymaster 964 EXPECT_TRUE(contains(import_response.unenforced, TAG_ORIGIN, KM_ORIGIN_IMPORTED)); 965 EXPECT_TRUE(contains(import_response.unenforced, KM_TAG_CREATION_DATETIME)); 966 967 size_t message_len = 48; 968 UniquePtr<uint8_t[]> message(new uint8_t[message_len]); 969 std::fill(message.get(), message.get() + message_len, 'a'); 970 SignMessage(import_response.key_blob, message.get(), message_len); 971 ASSERT_TRUE(signature() != NULL); 972 973 BeginOperationRequest begin_request; 974 BeginOperationResponse begin_response; 975 begin_request.SetKeyMaterial(import_response.key_blob); 976 begin_request.purpose = KM_PURPOSE_VERIFY; 977 AddClientParams(&begin_request.additional_params); 978 979 device.BeginOperation(begin_request, &begin_response); 980 ASSERT_EQ(KM_ERROR_OK, begin_response.error); 981 982 UpdateOperationRequest update_request; 983 UpdateOperationResponse update_response; 984 update_request.op_handle = begin_response.op_handle; 985 update_request.input.Reinitialize(message.get(), message_len); 986 EXPECT_EQ(message_len, update_request.input.available_read()); 987 988 device.UpdateOperation(update_request, &update_response); 989 ASSERT_EQ(KM_ERROR_OK, update_response.error); 990 EXPECT_EQ(0U, update_response.output.available_read()); 991 992 FinishOperationRequest finish_request; 993 finish_request.op_handle = begin_response.op_handle; 994 finish_request.signature.Reinitialize(*signature()); 995 FinishOperationResponse finish_response; 996 device.FinishOperation(finish_request, &finish_response); 997 ASSERT_EQ(KM_ERROR_OK, finish_response.error); 998 EXPECT_EQ(0U, finish_response.output.available_read()); 999 1000 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle)); 1001 } 1002 1003 TEST_F(ImportKeyTest, EcdsaSuccess) { 1004 keymaster_key_param_t params[] = { 1005 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), 1006 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY), 1007 Authorization(TAG_DIGEST, KM_DIGEST_NONE), 1008 Authorization(TAG_PADDING, KM_PAD_NONE), 1009 Authorization(TAG_USER_ID, 7), 1010 Authorization(TAG_USER_AUTH_ID, 8), 1011 Authorization(TAG_APPLICATION_ID, "app_id", 6), 1012 Authorization(TAG_AUTH_TIMEOUT, 300), 1013 }; 1014 1015 string pk8_key = read_file("ec_privkey_pk8.der"); 1016 ASSERT_EQ(138U, pk8_key.size()); 1017 1018 ImportKeyRequest import_request; 1019 import_request.key_description.Reinitialize(params, array_length(params)); 1020 import_request.key_format = KM_KEY_FORMAT_PKCS8; 1021 import_request.SetKeyMaterial(pk8_key.data(), pk8_key.size()); 1022 1023 ImportKeyResponse import_response; 1024 device.ImportKey(import_request, &import_response); 1025 ASSERT_EQ(KM_ERROR_OK, import_response.error); 1026 EXPECT_EQ(0U, import_response.enforced.size()); 1027 EXPECT_GT(import_response.unenforced.size(), 0U); 1028 1029 // Check values derived from the key. 1030 EXPECT_TRUE(contains(import_response.unenforced, TAG_ALGORITHM, KM_ALGORITHM_ECDSA)); 1031 EXPECT_TRUE(contains(import_response.unenforced, TAG_KEY_SIZE, 256)); 1032 1033 // And values provided by GoogleKeymaster 1034 EXPECT_TRUE(contains(import_response.unenforced, TAG_ORIGIN, KM_ORIGIN_IMPORTED)); 1035 EXPECT_TRUE(contains(import_response.unenforced, KM_TAG_CREATION_DATETIME)); 1036 1037 size_t message_len = 1024 / 8; 1038 UniquePtr<uint8_t[]> message(new uint8_t[message_len]); 1039 std::fill(message.get(), message.get() + message_len, 'a'); 1040 SignMessage(import_response.key_blob, message.get(), message_len); 1041 ASSERT_TRUE(signature() != NULL); 1042 1043 BeginOperationRequest begin_request; 1044 BeginOperationResponse begin_response; 1045 begin_request.SetKeyMaterial(import_response.key_blob); 1046 begin_request.purpose = KM_PURPOSE_VERIFY; 1047 AddClientParams(&begin_request.additional_params); 1048 1049 device.BeginOperation(begin_request, &begin_response); 1050 ASSERT_EQ(KM_ERROR_OK, begin_response.error); 1051 1052 UpdateOperationRequest update_request; 1053 UpdateOperationResponse update_response; 1054 update_request.op_handle = begin_response.op_handle; 1055 update_request.input.Reinitialize(message.get(), message_len); 1056 EXPECT_EQ(message_len, update_request.input.available_read()); 1057 1058 device.UpdateOperation(update_request, &update_response); 1059 ASSERT_EQ(KM_ERROR_OK, update_response.error); 1060 EXPECT_EQ(0U, update_response.output.available_read()); 1061 1062 FinishOperationRequest finish_request; 1063 finish_request.op_handle = begin_response.op_handle; 1064 finish_request.signature.Reinitialize(*signature()); 1065 FinishOperationResponse finish_response; 1066 device.FinishOperation(finish_request, &finish_response); 1067 ASSERT_EQ(KM_ERROR_OK, finish_response.error); 1068 EXPECT_EQ(0U, finish_response.output.available_read()); 1069 1070 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle)); 1071 } 1072 1073 } // namespace test 1074 } // namespace keymaster 1075