1 /* 2 * Copyright (C) 2014 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #include <UniquePtr.h> 18 19 #include <gtest/gtest.h> 20 21 #include <keymaster/android_keymaster.h> 22 #include <keymaster/android_keymaster_utils.h> 23 #include <keymaster/keymaster_tags.h> 24 25 #include "android_keymaster_test_utils.h" 26 27 namespace keymaster { 28 namespace test { 29 30 /** 31 * Serialize and deserialize a message. 32 */ 33 template <typename Message> 34 Message* round_trip(int32_t ver, const Message& message, size_t expected_size) { 35 size_t size = message.SerializedSize(); 36 EXPECT_EQ(expected_size, size); 37 if (size == 0) 38 return NULL; 39 40 UniquePtr<uint8_t[]> buf(new uint8_t[size]); 41 EXPECT_EQ(buf.get() + size, message.Serialize(buf.get(), buf.get() + size)); 42 43 Message* deserialized = new Message(ver); 44 const uint8_t* p = buf.get(); 45 EXPECT_TRUE(deserialized->Deserialize(&p, p + size)); 46 EXPECT_EQ((ptrdiff_t)size, p - buf.get()); 47 return deserialized; 48 } 49 50 struct EmptyKeymasterResponse : public KeymasterResponse { 51 EmptyKeymasterResponse(int32_t ver) : KeymasterResponse(ver) {} 52 size_t NonErrorSerializedSize() const { return 1; } 53 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* /* end */) const { 54 *buf++ = 0; 55 return buf; 56 } 57 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) { 58 if (*buf_ptr >= end) 59 return false; 60 EXPECT_EQ(0, **buf_ptr); 61 (*buf_ptr)++; 62 return true; 63 } 64 }; 65 66 TEST(RoundTrip, EmptyKeymasterResponse) { 67 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 68 EmptyKeymasterResponse msg(ver); 69 msg.error = KM_ERROR_OK; 70 71 UniquePtr<EmptyKeymasterResponse> deserialized(round_trip(ver, msg, 5)); 72 } 73 } 74 75 TEST(RoundTrip, EmptyKeymasterResponseError) { 76 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 77 EmptyKeymasterResponse msg(ver); 78 msg.error = KM_ERROR_MEMORY_ALLOCATION_FAILED; 79 80 UniquePtr<EmptyKeymasterResponse> deserialized(round_trip(ver, msg, 4)); 81 } 82 } 83 84 TEST(RoundTrip, SupportedByAlgorithmRequest) { 85 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 86 SupportedByAlgorithmRequest req(ver); 87 req.algorithm = KM_ALGORITHM_EC; 88 89 UniquePtr<SupportedByAlgorithmRequest> deserialized(round_trip(ver, req, 4)); 90 EXPECT_EQ(KM_ALGORITHM_EC, deserialized->algorithm); 91 } 92 } 93 94 TEST(RoundTrip, SupportedByAlgorithmAndPurposeRequest) { 95 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 96 SupportedByAlgorithmAndPurposeRequest req(ver); 97 req.algorithm = KM_ALGORITHM_EC; 98 req.purpose = KM_PURPOSE_DECRYPT; 99 100 UniquePtr<SupportedByAlgorithmAndPurposeRequest> deserialized(round_trip(ver, req, 8)); 101 EXPECT_EQ(KM_ALGORITHM_EC, deserialized->algorithm); 102 EXPECT_EQ(KM_PURPOSE_DECRYPT, deserialized->purpose); 103 } 104 } 105 106 TEST(RoundTrip, SupportedResponse) { 107 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 108 SupportedResponse<keymaster_digest_t> rsp(ver); 109 keymaster_digest_t digests[] = {KM_DIGEST_NONE, KM_DIGEST_MD5, KM_DIGEST_SHA1}; 110 rsp.error = KM_ERROR_OK; 111 rsp.SetResults(digests); 112 113 UniquePtr<SupportedResponse<keymaster_digest_t>> deserialized(round_trip(ver, rsp, 20)); 114 EXPECT_EQ(array_length(digests), deserialized->results_length); 115 EXPECT_EQ(0, memcmp(deserialized->results, digests, array_size(digests))); 116 } 117 } 118 119 static keymaster_key_param_t params[] = { 120 Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), 121 Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY), 122 Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA), 123 Authorization(TAG_USER_ID, 7), 124 Authorization(TAG_USER_AUTH_TYPE, HW_AUTH_PASSWORD), 125 Authorization(TAG_APPLICATION_ID, "app_id", 6), 126 Authorization(TAG_AUTH_TIMEOUT, 300), 127 }; 128 uint8_t TEST_DATA[] = "a key blob"; 129 130 TEST(RoundTrip, GenerateKeyRequest) { 131 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 132 GenerateKeyRequest req(ver); 133 req.key_description.Reinitialize(params, array_length(params)); 134 UniquePtr<GenerateKeyRequest> deserialized(round_trip(ver, req, 78)); 135 EXPECT_EQ(deserialized->key_description, req.key_description); 136 } 137 } 138 139 TEST(RoundTrip, GenerateKeyResponse) { 140 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 141 GenerateKeyResponse rsp(ver); 142 rsp.error = KM_ERROR_OK; 143 rsp.key_blob.key_material = dup_array(TEST_DATA); 144 rsp.key_blob.key_material_size = array_length(TEST_DATA); 145 rsp.enforced.Reinitialize(params, array_length(params)); 146 147 UniquePtr<GenerateKeyResponse> deserialized(round_trip(ver, rsp, 109)); 148 EXPECT_EQ(KM_ERROR_OK, deserialized->error); 149 EXPECT_EQ(deserialized->enforced, rsp.enforced); 150 EXPECT_EQ(deserialized->unenforced, rsp.unenforced); 151 } 152 } 153 154 TEST(RoundTrip, GenerateKeyResponseTestError) { 155 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 156 GenerateKeyResponse rsp(ver); 157 rsp.error = KM_ERROR_UNSUPPORTED_ALGORITHM; 158 rsp.key_blob.key_material = dup_array(TEST_DATA); 159 rsp.key_blob.key_material_size = array_length(TEST_DATA); 160 rsp.enforced.Reinitialize(params, array_length(params)); 161 162 UniquePtr<GenerateKeyResponse> deserialized(round_trip(ver, rsp, 4)); 163 EXPECT_EQ(KM_ERROR_UNSUPPORTED_ALGORITHM, deserialized->error); 164 EXPECT_EQ(0U, deserialized->enforced.size()); 165 EXPECT_EQ(0U, deserialized->unenforced.size()); 166 EXPECT_EQ(0U, deserialized->key_blob.key_material_size); 167 } 168 } 169 170 TEST(RoundTrip, GetKeyCharacteristicsRequest) { 171 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 172 GetKeyCharacteristicsRequest req(ver); 173 req.additional_params.Reinitialize(params, array_length(params)); 174 req.SetKeyMaterial("foo", 3); 175 176 UniquePtr<GetKeyCharacteristicsRequest> deserialized(round_trip(ver, req, 85)); 177 EXPECT_EQ(7U, deserialized->additional_params.size()); 178 EXPECT_EQ(3U, deserialized->key_blob.key_material_size); 179 EXPECT_EQ(0, memcmp(deserialized->key_blob.key_material, "foo", 3)); 180 } 181 } 182 183 TEST(RoundTrip, GetKeyCharacteristicsResponse) { 184 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 185 GetKeyCharacteristicsResponse msg(ver); 186 msg.error = KM_ERROR_OK; 187 msg.enforced.Reinitialize(params, array_length(params)); 188 msg.unenforced.Reinitialize(params, array_length(params)); 189 190 UniquePtr<GetKeyCharacteristicsResponse> deserialized(round_trip(ver, msg, 160)); 191 EXPECT_EQ(msg.enforced, deserialized->enforced); 192 EXPECT_EQ(msg.unenforced, deserialized->unenforced); 193 } 194 } 195 196 TEST(RoundTrip, BeginOperationRequest) { 197 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 198 BeginOperationRequest msg(ver); 199 msg.purpose = KM_PURPOSE_SIGN; 200 msg.SetKeyMaterial("foo", 3); 201 msg.additional_params.Reinitialize(params, array_length(params)); 202 203 UniquePtr<BeginOperationRequest> deserialized(round_trip(ver, msg, 89)); 204 EXPECT_EQ(KM_PURPOSE_SIGN, deserialized->purpose); 205 EXPECT_EQ(3U, deserialized->key_blob.key_material_size); 206 EXPECT_EQ(0, memcmp(deserialized->key_blob.key_material, "foo", 3)); 207 EXPECT_EQ(msg.additional_params, deserialized->additional_params); 208 } 209 } 210 211 TEST(RoundTrip, BeginOperationResponse) { 212 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 213 BeginOperationResponse msg(ver); 214 msg.error = KM_ERROR_OK; 215 msg.op_handle = 0xDEADBEEF; 216 msg.output_params.push_back(Authorization(TAG_NONCE, "foo", 3)); 217 218 UniquePtr<BeginOperationResponse> deserialized; 219 switch (ver) { 220 case 0: 221 deserialized.reset(round_trip(ver, msg, 12)); 222 break; 223 case 1: 224 case 2: 225 deserialized.reset(round_trip(ver, msg, 39)); 226 break; 227 default: 228 FAIL(); 229 } 230 231 EXPECT_EQ(KM_ERROR_OK, deserialized->error); 232 EXPECT_EQ(0xDEADBEEF, deserialized->op_handle); 233 234 switch (ver) { 235 case 0: 236 EXPECT_EQ(0U, deserialized->output_params.size()); 237 break; 238 case 1: 239 case 2: 240 EXPECT_EQ(msg.output_params, deserialized->output_params); 241 break; 242 default: 243 FAIL(); 244 } 245 } 246 } 247 248 TEST(RoundTrip, BeginOperationResponseError) { 249 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 250 BeginOperationResponse msg(ver); 251 msg.error = KM_ERROR_INVALID_OPERATION_HANDLE; 252 msg.op_handle = 0xDEADBEEF; 253 254 UniquePtr<BeginOperationResponse> deserialized(round_trip(ver, msg, 4)); 255 EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, deserialized->error); 256 } 257 } 258 259 TEST(RoundTrip, UpdateOperationRequest) { 260 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 261 UpdateOperationRequest msg(ver); 262 msg.op_handle = 0xDEADBEEF; 263 msg.input.Reinitialize("foo", 3); 264 265 UniquePtr<UpdateOperationRequest> deserialized; 266 switch (ver) { 267 case 0: 268 deserialized.reset(round_trip(ver, msg, 15)); 269 break; 270 case 1: 271 case 2: 272 deserialized.reset(round_trip(ver, msg, 27)); 273 break; 274 default: 275 FAIL(); 276 } 277 EXPECT_EQ(3U, deserialized->input.available_read()); 278 EXPECT_EQ(0, memcmp(deserialized->input.peek_read(), "foo", 3)); 279 } 280 } 281 282 TEST(RoundTrip, UpdateOperationResponse) { 283 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 284 UpdateOperationResponse msg(ver); 285 msg.error = KM_ERROR_OK; 286 msg.output.Reinitialize("foo", 3); 287 msg.input_consumed = 99; 288 msg.output_params.push_back(TAG_APPLICATION_ID, "bar", 3); 289 290 UniquePtr<UpdateOperationResponse> deserialized; 291 switch (ver) { 292 case 0: 293 deserialized.reset(round_trip(ver, msg, 11)); 294 break; 295 case 1: 296 deserialized.reset(round_trip(ver, msg, 15)); 297 break; 298 case 2: 299 deserialized.reset(round_trip(ver, msg, 42)); 300 break; 301 default: 302 FAIL(); 303 } 304 EXPECT_EQ(KM_ERROR_OK, deserialized->error); 305 EXPECT_EQ(3U, deserialized->output.available_read()); 306 EXPECT_EQ(0, memcmp(deserialized->output.peek_read(), "foo", 3)); 307 308 switch (ver) { 309 case 0: 310 EXPECT_EQ(0U, deserialized->input_consumed); 311 break; 312 case 1: 313 EXPECT_EQ(99U, deserialized->input_consumed); 314 break; 315 case 2: 316 EXPECT_EQ(99U, deserialized->input_consumed); 317 EXPECT_EQ(1U, deserialized->output_params.size()); 318 break; 319 default: 320 FAIL(); 321 } 322 } 323 } 324 325 TEST(RoundTrip, FinishOperationRequest) { 326 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 327 FinishOperationRequest msg(ver); 328 msg.op_handle = 0xDEADBEEF; 329 msg.signature.Reinitialize("bar", 3); 330 331 UniquePtr<FinishOperationRequest> deserialized; 332 switch (ver) { 333 case 0: 334 deserialized.reset(round_trip(ver, msg, 15)); 335 break; 336 case 1: 337 case 2: 338 deserialized.reset(round_trip(ver, msg, 27)); 339 break; 340 default: 341 FAIL(); 342 } 343 EXPECT_EQ(0xDEADBEEF, deserialized->op_handle); 344 EXPECT_EQ(3U, deserialized->signature.available_read()); 345 EXPECT_EQ(0, memcmp(deserialized->signature.peek_read(), "bar", 3)); 346 } 347 } 348 349 TEST(Round_Trip, FinishOperationResponse) { 350 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 351 FinishOperationResponse msg(ver); 352 msg.error = KM_ERROR_OK; 353 msg.output.Reinitialize("foo", 3); 354 355 UniquePtr<FinishOperationResponse> deserialized; 356 switch (ver) { 357 case 0: 358 case 1: 359 deserialized.reset(round_trip(ver, msg, 11)); 360 break; 361 case 2: 362 deserialized.reset(round_trip(ver, msg, 23)); 363 break; 364 default: 365 FAIL(); 366 } 367 EXPECT_EQ(msg.error, deserialized->error); 368 EXPECT_EQ(msg.output.available_read(), deserialized->output.available_read()); 369 EXPECT_EQ(0, memcmp(msg.output.peek_read(), deserialized->output.peek_read(), 370 msg.output.available_read())); 371 } 372 } 373 374 TEST(RoundTrip, ImportKeyRequest) { 375 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 376 ImportKeyRequest msg(ver); 377 msg.key_description.Reinitialize(params, array_length(params)); 378 msg.key_format = KM_KEY_FORMAT_X509; 379 msg.SetKeyMaterial("foo", 3); 380 381 UniquePtr<ImportKeyRequest> deserialized(round_trip(ver, msg, 89)); 382 EXPECT_EQ(msg.key_description, deserialized->key_description); 383 EXPECT_EQ(msg.key_format, deserialized->key_format); 384 EXPECT_EQ(msg.key_data_length, deserialized->key_data_length); 385 EXPECT_EQ(0, memcmp(msg.key_data, deserialized->key_data, msg.key_data_length)); 386 } 387 } 388 389 TEST(RoundTrip, ImportKeyResponse) { 390 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 391 ImportKeyResponse msg(ver); 392 msg.error = KM_ERROR_OK; 393 msg.SetKeyMaterial("foo", 3); 394 msg.enforced.Reinitialize(params, array_length(params)); 395 msg.unenforced.Reinitialize(params, array_length(params)); 396 397 UniquePtr<ImportKeyResponse> deserialized(round_trip(ver, msg, 167)); 398 EXPECT_EQ(msg.error, deserialized->error); 399 EXPECT_EQ(msg.key_blob.key_material_size, deserialized->key_blob.key_material_size); 400 EXPECT_EQ(0, memcmp(msg.key_blob.key_material, deserialized->key_blob.key_material, 401 msg.key_blob.key_material_size)); 402 EXPECT_EQ(msg.enforced, deserialized->enforced); 403 EXPECT_EQ(msg.unenforced, deserialized->unenforced); 404 } 405 } 406 407 TEST(RoundTrip, ExportKeyRequest) { 408 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 409 ExportKeyRequest msg(ver); 410 msg.additional_params.Reinitialize(params, array_length(params)); 411 msg.key_format = KM_KEY_FORMAT_X509; 412 msg.SetKeyMaterial("foo", 3); 413 414 UniquePtr<ExportKeyRequest> deserialized(round_trip(ver, msg, 89)); 415 EXPECT_EQ(msg.additional_params, deserialized->additional_params); 416 EXPECT_EQ(msg.key_format, deserialized->key_format); 417 EXPECT_EQ(3U, deserialized->key_blob.key_material_size); 418 EXPECT_EQ(0, memcmp("foo", deserialized->key_blob.key_material, 3)); 419 } 420 } 421 422 TEST(RoundTrip, ExportKeyResponse) { 423 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 424 ExportKeyResponse msg(ver); 425 msg.error = KM_ERROR_OK; 426 msg.SetKeyMaterial("foo", 3); 427 428 UniquePtr<ExportKeyResponse> deserialized(round_trip(ver, msg, 11)); 429 EXPECT_EQ(3U, deserialized->key_data_length); 430 EXPECT_EQ(0, memcmp("foo", deserialized->key_data, 3)); 431 } 432 } 433 434 TEST(RoundTrip, DeleteKeyRequest) { 435 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 436 DeleteKeyRequest msg(ver); 437 msg.SetKeyMaterial("foo", 3); 438 439 UniquePtr<DeleteKeyRequest> deserialized(round_trip(ver, msg, 7)); 440 EXPECT_EQ(3U, deserialized->key_blob.key_material_size); 441 EXPECT_EQ(0, memcmp("foo", deserialized->key_blob.key_material, 3)); 442 } 443 } 444 445 TEST(RoundTrip, DeleteKeyResponse) { 446 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 447 DeleteKeyResponse msg(ver); 448 UniquePtr<DeleteKeyResponse> deserialized(round_trip(ver, msg, 4)); 449 } 450 } 451 452 TEST(RoundTrip, DeleteAllKeysRequest) { 453 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 454 DeleteAllKeysRequest msg(ver); 455 UniquePtr<DeleteAllKeysRequest> deserialized(round_trip(ver, msg, 0)); 456 } 457 } 458 459 TEST(RoundTrip, DeleteAllKeysResponse) { 460 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 461 DeleteAllKeysResponse msg(ver); 462 UniquePtr<DeleteAllKeysResponse> deserialized(round_trip(ver, msg, 4)); 463 } 464 } 465 466 TEST(RoundTrip, GetVersionRequest) { 467 GetVersionRequest msg; 468 469 size_t size = msg.SerializedSize(); 470 ASSERT_EQ(0U, size); 471 472 UniquePtr<uint8_t[]> buf(new uint8_t[size]); 473 EXPECT_EQ(buf.get() + size, msg.Serialize(buf.get(), buf.get() + size)); 474 475 GetVersionRequest deserialized; 476 const uint8_t* p = buf.get(); 477 EXPECT_TRUE(deserialized.Deserialize(&p, p + size)); 478 EXPECT_EQ((ptrdiff_t)size, p - buf.get()); 479 } 480 481 TEST(RoundTrip, GetVersionResponse) { 482 GetVersionResponse msg; 483 msg.error = KM_ERROR_OK; 484 msg.major_ver = 9; 485 msg.minor_ver = 98; 486 msg.subminor_ver = 38; 487 488 size_t size = msg.SerializedSize(); 489 ASSERT_EQ(7U, size); 490 491 UniquePtr<uint8_t[]> buf(new uint8_t[size]); 492 EXPECT_EQ(buf.get() + size, msg.Serialize(buf.get(), buf.get() + size)); 493 494 GetVersionResponse deserialized; 495 const uint8_t* p = buf.get(); 496 EXPECT_TRUE(deserialized.Deserialize(&p, p + size)); 497 EXPECT_EQ((ptrdiff_t)size, p - buf.get()); 498 EXPECT_EQ(9U, msg.major_ver); 499 EXPECT_EQ(98U, msg.minor_ver); 500 EXPECT_EQ(38U, msg.subminor_ver); 501 } 502 503 TEST(RoundTrip, AddEntropyRequest) { 504 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 505 AddEntropyRequest msg(ver); 506 msg.random_data.Reinitialize("foo", 3); 507 508 UniquePtr<AddEntropyRequest> deserialized(round_trip(ver, msg, 7)); 509 EXPECT_EQ(3U, deserialized->random_data.available_read()); 510 EXPECT_EQ(0, memcmp("foo", deserialized->random_data.peek_read(), 3)); 511 } 512 } 513 514 TEST(RoundTrip, AddEntropyResponse) { 515 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 516 AddEntropyResponse msg(ver); 517 UniquePtr<AddEntropyResponse> deserialized(round_trip(ver, msg, 4)); 518 } 519 } 520 521 TEST(RoundTrip, AbortOperationRequest) { 522 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 523 AbortOperationRequest msg(ver); 524 UniquePtr<AbortOperationRequest> deserialized(round_trip(ver, msg, 8)); 525 } 526 } 527 528 TEST(RoundTrip, AbortOperationResponse) { 529 for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 530 AbortOperationResponse msg(ver); 531 UniquePtr<AbortOperationResponse> deserialized(round_trip(ver, msg, 4)); 532 } 533 } 534 535 uint8_t msgbuf[] = { 536 220, 88, 183, 255, 71, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 537 0, 173, 0, 0, 0, 228, 174, 98, 187, 191, 135, 253, 200, 51, 230, 114, 247, 151, 109, 538 237, 79, 87, 32, 94, 5, 204, 46, 154, 30, 91, 6, 103, 148, 254, 129, 65, 171, 228, 539 167, 224, 163, 9, 15, 206, 90, 58, 11, 205, 55, 211, 33, 87, 178, 149, 91, 28, 236, 540 218, 112, 231, 34, 82, 82, 134, 103, 137, 115, 27, 156, 102, 159, 220, 226, 89, 42, 25, 541 37, 9, 84, 239, 76, 161, 198, 72, 167, 163, 39, 91, 148, 191, 17, 191, 87, 169, 179, 542 136, 10, 194, 154, 4, 40, 107, 109, 61, 161, 20, 176, 247, 13, 214, 106, 229, 45, 17, 543 5, 60, 189, 64, 39, 166, 208, 14, 57, 25, 140, 148, 25, 177, 246, 189, 43, 181, 88, 544 204, 29, 126, 224, 100, 143, 93, 60, 57, 249, 55, 0, 87, 83, 227, 224, 166, 59, 214, 545 81, 144, 129, 58, 6, 57, 46, 254, 232, 41, 220, 209, 230, 167, 138, 158, 94, 180, 125, 546 247, 26, 162, 116, 238, 202, 187, 100, 65, 13, 180, 44, 245, 159, 83, 161, 176, 58, 72, 547 236, 109, 105, 160, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 548 0, 11, 0, 0, 0, 98, 0, 0, 0, 1, 0, 0, 32, 2, 0, 0, 0, 1, 0, 549 0, 32, 3, 0, 0, 0, 2, 0, 0, 16, 1, 0, 0, 0, 3, 0, 0, 48, 0, 550 1, 0, 0, 200, 0, 0, 80, 3, 0, 0, 0, 0, 0, 0, 0, 244, 1, 0, 112, 551 1, 246, 1, 0, 112, 1, 189, 2, 0, 96, 144, 178, 236, 250, 255, 255, 255, 255, 145, 552 1, 0, 96, 144, 226, 33, 60, 222, 2, 0, 0, 189, 2, 0, 96, 0, 0, 0, 0, 553 0, 0, 0, 0, 190, 2, 0, 16, 1, 0, 0, 0, 12, 0, 0, 0, 0, 0, 0, 554 0, 0, 0, 0, 0, 0, 0, 0, 0, 110, 0, 0, 0, 0, 0, 0, 0, 11, 0, 555 0, 0, 98, 0, 0, 0, 1, 0, 0, 32, 2, 0, 0, 0, 1, 0, 0, 32, 3, 556 0, 0, 0, 2, 0, 0, 16, 1, 0, 0, 0, 3, 0, 0, 48, 0, 1, 0, 0, 557 200, 0, 0, 80, 3, 0, 0, 0, 0, 0, 0, 0, 244, 1, 0, 112, 1, 246, 1, 558 0, 112, 1, 189, 2, 0, 96, 144, 178, 236, 250, 255, 255, 255, 255, 145, 1, 0, 96, 559 144, 226, 33, 60, 222, 2, 0, 0, 189, 2, 0, 96, 0, 0, 0, 0, 0, 0, 0, 560 0, 190, 2, 0, 16, 1, 0, 0, 0, 561 }; 562 563 /* 564 * These tests don't have any assertions or expectations. They just try to parse garbage, to see if 565 * the result will be a crash. This is especially informative when run under Valgrind memcheck. 566 */ 567 568 template <typename Message> void parse_garbage() { 569 for (int32_t ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) { 570 Message msg(ver); 571 const uint8_t* end = msgbuf + array_length(msgbuf); 572 for (size_t i = 0; i < array_length(msgbuf); ++i) { 573 const uint8_t* begin = msgbuf + i; 574 const uint8_t* p = begin; 575 msg.Deserialize(&p, end); 576 } 577 } 578 579 time_t now = time(NULL); 580 std::cout << "Seeding rand() with " << now << " for fuzz test." << std::endl; 581 srand(now); 582 583 // Fill large buffer with random bytes. 584 const int kBufSize = 10000; 585 UniquePtr<uint8_t[]> buf(new uint8_t[kBufSize]); 586 for (size_t i = 0; i < kBufSize; ++i) 587 buf[i] = static_cast<uint8_t>(rand()); 588 589 for (uint32_t ver = 0; ver < MAX_MESSAGE_VERSION; ++ver) { 590 Message msg(ver); 591 const uint8_t* end = buf.get() + kBufSize; 592 for (size_t i = 0; i < kBufSize; ++i) { 593 const uint8_t* begin = buf.get() + i; 594 const uint8_t* p = begin; 595 msg.Deserialize(&p, end); 596 } 597 } 598 } 599 600 #define GARBAGE_TEST(Message) \ 601 TEST(GarbageTest, Message) { parse_garbage<Message>(); } 602 603 GARBAGE_TEST(AbortOperationRequest); 604 GARBAGE_TEST(AbortOperationResponse); 605 GARBAGE_TEST(AddEntropyRequest); 606 GARBAGE_TEST(AddEntropyResponse); 607 GARBAGE_TEST(BeginOperationRequest); 608 GARBAGE_TEST(BeginOperationResponse); 609 GARBAGE_TEST(DeleteAllKeysRequest); 610 GARBAGE_TEST(DeleteAllKeysResponse); 611 GARBAGE_TEST(DeleteKeyRequest); 612 GARBAGE_TEST(DeleteKeyResponse); 613 GARBAGE_TEST(ExportKeyRequest); 614 GARBAGE_TEST(ExportKeyResponse); 615 GARBAGE_TEST(FinishOperationRequest); 616 GARBAGE_TEST(FinishOperationResponse); 617 GARBAGE_TEST(GenerateKeyRequest); 618 GARBAGE_TEST(GenerateKeyResponse); 619 GARBAGE_TEST(GetKeyCharacteristicsRequest); 620 GARBAGE_TEST(GetKeyCharacteristicsResponse); 621 GARBAGE_TEST(ImportKeyRequest); 622 GARBAGE_TEST(ImportKeyResponse); 623 GARBAGE_TEST(SupportedByAlgorithmAndPurposeRequest) 624 GARBAGE_TEST(SupportedByAlgorithmRequest) 625 GARBAGE_TEST(UpdateOperationRequest); 626 GARBAGE_TEST(UpdateOperationResponse); 627 628 // The macro doesn't work on this one. 629 TEST(GarbageTest, SupportedResponse) { 630 parse_garbage<SupportedResponse<keymaster_digest_t>>(); 631 } 632 633 } // namespace test 634 635 } // namespace keymaster 636
