Home | History | Annotate | Download | only in keymaster
      1 /*
      2  * Copyright (C) 2014 The Android Open Source Project
      3  *
      4  * Licensed under the Apache License, Version 2.0 (the "License");
      5  * you may not use this file except in compliance with the License.
      6  * You may obtain a copy of the License at
      7  *
      8  *      http://www.apache.org/licenses/LICENSE-2.0
      9  *
     10  * Unless required by applicable law or agreed to in writing, software
     11  * distributed under the License is distributed on an "AS IS" BASIS,
     12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     13  * See the License for the specific language governing permissions and
     14  * limitations under the License.
     15  */
     16 #include <algorithm>
     17 #include <fstream>
     18 
     19 #include <UniquePtr.h>
     20 #include <gtest/gtest.h>
     21 #include <openssl/engine.h>
     22 
     23 #include <hardware/keymaster0.h>
     24 
     25 #include <keymaster/android_keymaster.h>
     26 #include <keymaster/android_keymaster_messages.h>
     27 #include <keymaster/android_keymaster_utils.h>
     28 #include <keymaster/keymaster_tags.h>
     29 #include <keymaster/soft_keymaster_context.h>
     30 
     31 #include "android_keymaster_test_utils.h"
     32 #include "trusty_keymaster_device.h"
     33 #include "openssl_utils.h"
     34 
     35 using std::string;
     36 using std::ifstream;
     37 using std::istreambuf_iterator;
     38 
     39 static keymaster::AndroidKeymaster *impl_ =  nullptr;
     40 
     41 extern "C" {
     42 int __android_log_print();
     43 }
     44 
     45 int __android_log_print() {
     46     return 0;
     47 }
     48 
     49 int main(int argc, char** argv) {
     50     ::testing::InitGoogleTest(&argc, argv);
     51     int result = RUN_ALL_TESTS();
     52     // Clean up stuff OpenSSL leaves around, so Valgrind doesn't complain.
     53     CRYPTO_cleanup_all_ex_data();
     54     ERR_free_strings();
     55     return result;
     56 }
     57 
     58 int trusty_keymaster_connect() {
     59     impl_ = new keymaster::AndroidKeymaster(new keymaster::SoftKeymasterContext(nullptr), 16);
     60 }
     61 
     62 void trusty_keymaster_disconnect() {
     63     delete static_cast<keymaster::AndroidKeymaster*>(priv_);
     64 }
     65 
     66 template <typename Req, typename Rsp>
     67 static int fake_call(keymaster::AndroidKeymaster* device,
     68                        void (keymaster::AndroidKeymaster::*method)(const Req&, Rsp*), void* in_buf,
     69                        uint32_t in_size, void* out_buf, uint32_t* out_size) {
     70     Req req;
     71     const uint8_t* in = static_cast<uint8_t*>(in_buf);
     72     req.Deserialize(&in, in + in_size);
     73     Rsp rsp;
     74     (device->*method)(req, &rsp);
     75 
     76     *out_size = rsp.SerializedSize();
     77     uint8_t* out = static_cast<uint8_t*>(out_buf);
     78     rsp.Serialize(out, out + *out_size);
     79     return 0;
     80 }
     81 
     82 int trusty_keymaster_call(uint32_t cmd, void* in_buf, uint32_t in_size, void* out_buf,
     83                        uint32_t* out_size) {
     84     switch (cmd) {
     85     case KM_GENERATE_KEY:
     86         return fake_call(impl_, &keymaster::AndroidKeymaster::GenerateKey, in_buf, in_size,
     87                            out_buf, out_size);
     88     case KM_BEGIN_OPERATION:
     89         return fake_call(impl_, &keymaster::AndroidKeymaster::BeginOperation, in_buf, in_size,
     90                            out_buf, out_size);
     91     case KM_UPDATE_OPERATION:
     92         return fake_call(impl_, &keymaster::AndroidKeymaster::UpdateOperation, in_buf, in_size,
     93                            out_buf, out_size);
     94     case KM_FINISH_OPERATION:
     95         return fake_call(impl_, &keymaster::AndroidKeymaster::FinishOperation, in_buf, in_size,
     96                            out_buf, out_size);
     97     case KM_IMPORT_KEY:
     98         return fake_call(impl_, &keymaster::AndroidKeymaster::ImportKey, in_buf, in_size, out_buf,
     99                            out_size);
    100     case KM_EXPORT_KEY:
    101         return fake_call(impl_, &keymaster::AndroidKeymaster::ExportKey, in_buf, in_size, out_buf,
    102                            out_size);
    103     }
    104     return -EINVAL;
    105 
    106 }
    107 
    108 namespace keymaster {
    109 namespace test {
    110 
    111 class TrustyKeymasterTest : public testing::Test {
    112   protected:
    113     TrustyKeymasterTest() : device(NULL) {}
    114 
    115     keymaster_rsa_keygen_params_t build_rsa_params() {
    116         keymaster_rsa_keygen_params_t rsa_params;
    117         rsa_params.public_exponent = 65537;
    118         rsa_params.modulus_size = 2048;
    119         return rsa_params;
    120     }
    121 
    122     uint8_t* build_message(size_t length) {
    123         uint8_t* msg = new uint8_t[length];
    124         memset(msg, 'a', length);
    125         return msg;
    126     }
    127 
    128     size_t dsa_message_len(const keymaster_dsa_keygen_params_t& params) {
    129         switch (params.key_size) {
    130         case 256:
    131         case 1024:
    132             return 48;
    133         case 2048:
    134         case 4096:
    135             return 72;
    136         default:
    137             // Oops.
    138             return 0;
    139         }
    140     }
    141 
    142     TrustyKeymasterDevice device;
    143 };
    144 
    145 class Malloc_Delete {
    146   public:
    147     Malloc_Delete(void* p) : p_(p) {}
    148     ~Malloc_Delete() { free(p_); }
    149 
    150   private:
    151     void* p_;
    152 };
    153 
    154 typedef TrustyKeymasterTest KeyGenTest;
    155 TEST_F(KeyGenTest, RsaSuccess) {
    156     keymaster_rsa_keygen_params_t params = build_rsa_params();
    157     uint8_t* ptr = NULL;
    158     size_t size;
    159     ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, &params, &ptr, &size));
    160     EXPECT_GT(size, 0U);
    161     Malloc_Delete key_deleter(ptr);
    162 }
    163 
    164 TEST_F(KeyGenTest, EcdsaSuccess) {
    165     keymaster_ec_keygen_params_t ec_params = {256};
    166     uint8_t* ptr = NULL;
    167     size_t size;
    168     ASSERT_EQ(0, device.generate_keypair(TYPE_EC, &ec_params, &ptr, &size));
    169     EXPECT_GT(size, 0U);
    170     Malloc_Delete key_deleter(ptr);
    171 }
    172 
    173 typedef TrustyKeymasterTest SigningTest;
    174 TEST_F(SigningTest, RsaSuccess) {
    175     keymaster_rsa_keygen_params_t params = build_rsa_params();
    176     uint8_t* ptr = NULL;
    177     size_t size;
    178     ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, &params, &ptr, &size));
    179     EXPECT_GT(size, 0U);
    180     Malloc_Delete key_deleter(ptr);
    181 
    182     keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
    183     size_t message_len = params.modulus_size / 8;
    184     UniquePtr<uint8_t[]> message(build_message(message_len));
    185     uint8_t* signature;
    186     size_t siglen;
    187     EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
    188                                             &signature, &siglen));
    189     Malloc_Delete sig_deleter(signature);
    190     EXPECT_EQ(message_len, siglen);
    191 }
    192 
    193 TEST_F(SigningTest, RsaShortMessage) {
    194     keymaster_rsa_keygen_params_t params = build_rsa_params();
    195     uint8_t* ptr = NULL;
    196     size_t size;
    197     ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, &params, &ptr, &size));
    198     EXPECT_GT(size, 0U);
    199     Malloc_Delete key_deleter(ptr);
    200 
    201     keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
    202     size_t message_len = params.modulus_size / 8 - 1;
    203     UniquePtr<uint8_t[]> message(build_message(message_len));
    204     uint8_t* signature;
    205     size_t siglen;
    206     EXPECT_EQ(KM_ERROR_UNKNOWN_ERROR, device.sign_data(&sig_params, ptr, size, message.get(),
    207                                                        message_len, &signature, &siglen));
    208 }
    209 
    210 TEST_F(SigningTest, RsaLongMessage) {
    211     keymaster_rsa_keygen_params_t params = build_rsa_params();
    212     uint8_t* ptr = NULL;
    213     size_t size;
    214     ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, &params, &ptr, &size));
    215     EXPECT_GT(size, 0U);
    216     Malloc_Delete key_deleter(ptr);
    217 
    218     keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
    219     size_t message_len = params.modulus_size / 8 + 1;
    220     UniquePtr<uint8_t[]> message(build_message(message_len));
    221     uint8_t* signature;
    222     size_t siglen;
    223     EXPECT_EQ(KM_ERROR_UNKNOWN_ERROR, device.sign_data(&sig_params, ptr, size, message.get(),
    224                                                        message_len, &signature, &siglen));
    225 }
    226 
    227 TEST_F(SigningTest, EcdsaSuccess) {
    228     keymaster_ec_keygen_params_t params = {256};
    229     uint8_t* ptr = NULL;
    230     size_t size;
    231     ASSERT_EQ(0, device.generate_keypair(TYPE_EC, &params, &ptr, &size));
    232     EXPECT_GT(size, 0U);
    233     Malloc_Delete key_deleter(ptr);
    234 
    235     keymaster_ec_sign_params_t sig_params = {DIGEST_NONE};
    236     uint8_t message[] = "12345678901234567890123456789012";
    237     uint8_t* signature;
    238     size_t siglen;
    239     ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message,
    240                                             array_size(message) - 1, &signature, &siglen));
    241     Malloc_Delete sig_deleter(signature);
    242     EXPECT_GT(siglen, 69U);
    243     EXPECT_LT(siglen, 73U);
    244 }
    245 
    246 TEST_F(SigningTest, EcdsaEmptyMessageSuccess) {
    247     keymaster_ec_keygen_params_t params = {256};
    248     uint8_t* ptr = NULL;
    249     size_t size;
    250     ASSERT_EQ(0, device.generate_keypair(TYPE_EC, &params, &ptr, &size));
    251     EXPECT_GT(size, 0U);
    252     Malloc_Delete key_deleter(ptr);
    253 
    254     keymaster_ec_sign_params_t sig_params = {DIGEST_NONE};
    255     uint8_t message[] = "";
    256     uint8_t* signature;
    257     size_t siglen;
    258     ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message,
    259                                             array_size(message) - 1, &signature, &siglen));
    260     Malloc_Delete sig_deleter(signature);
    261     EXPECT_GT(siglen, 69U);
    262     EXPECT_LT(siglen, 73U);
    263 }
    264 
    265 TEST_F(SigningTest, EcdsaLargeMessageSuccess) {
    266     keymaster_ec_keygen_params_t params = {256};
    267     uint8_t* ptr = NULL;
    268     size_t size;
    269     ASSERT_EQ(0, device.generate_keypair(TYPE_EC, &params, &ptr, &size));
    270     EXPECT_GT(size, 0U);
    271     Malloc_Delete key_deleter(ptr);
    272 
    273     keymaster_ec_sign_params_t sig_params = {DIGEST_NONE};
    274     size_t message_len = 1024 * 7;
    275     UniquePtr<uint8_t[]> message(new uint8_t[message_len]);
    276     // contents of message don't matter.
    277     uint8_t* signature;
    278     size_t siglen;
    279     ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
    280                                             &signature, &siglen));
    281     Malloc_Delete sig_deleter(signature);
    282     EXPECT_GT(siglen, 69U);
    283     EXPECT_LT(siglen, 73U);
    284 }
    285 
    286 typedef TrustyKeymasterTest VerificationTest;
    287 TEST_F(VerificationTest, RsaSuccess) {
    288     keymaster_rsa_keygen_params_t params = build_rsa_params();
    289     uint8_t* ptr = NULL;
    290     size_t size;
    291     ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, &params, &ptr, &size));
    292     EXPECT_GT(size, 0U);
    293     Malloc_Delete key_deleter(ptr);
    294 
    295     keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
    296     size_t message_len = params.modulus_size / 8;
    297     UniquePtr<uint8_t[]> message(build_message(message_len));
    298     uint8_t* signature;
    299     size_t siglen;
    300     EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
    301                                             &signature, &siglen));
    302     Malloc_Delete sig_deleter(signature);
    303 
    304     EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, ptr, size, message.get(), message_len,
    305                                               signature, siglen));
    306 }
    307 
    308 TEST_F(VerificationTest, RsaBadSignature) {
    309     keymaster_rsa_keygen_params_t params = build_rsa_params();
    310     uint8_t* ptr = NULL;
    311     size_t size;
    312     ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, &params, &ptr, &size));
    313     EXPECT_GT(size, 0U);
    314     Malloc_Delete key_deleter(ptr);
    315 
    316     keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
    317     size_t message_len = params.modulus_size / 8;
    318     UniquePtr<uint8_t[]> message(build_message(message_len));
    319     uint8_t* signature;
    320     size_t siglen;
    321     EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
    322                                             &signature, &siglen));
    323 
    324     Malloc_Delete sig_deleter(signature);
    325     signature[siglen / 2]++;
    326     EXPECT_EQ(
    327         KM_ERROR_VERIFICATION_FAILED,
    328         device.verify_data(&sig_params, ptr, size, message.get(), message_len, signature, siglen));
    329 }
    330 
    331 TEST_F(VerificationTest, RsaBadMessage) {
    332     keymaster_rsa_keygen_params_t params = build_rsa_params();
    333     uint8_t* ptr = NULL;
    334     size_t size;
    335     ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, &params, &ptr, &size));
    336     EXPECT_GT(size, 0U);
    337     Malloc_Delete key_deleter(ptr);
    338 
    339     keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
    340     size_t message_len = params.modulus_size / 8;
    341     UniquePtr<uint8_t[]> message(build_message(message_len));
    342     uint8_t* signature;
    343     size_t siglen;
    344     EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
    345                                             &signature, &siglen));
    346     Malloc_Delete sig_deleter(signature);
    347     message[0]++;
    348     EXPECT_EQ(
    349         KM_ERROR_VERIFICATION_FAILED,
    350         device.verify_data(&sig_params, ptr, size, message.get(), message_len, signature, siglen));
    351 }
    352 
    353 TEST_F(VerificationTest, RsaShortMessage) {
    354     keymaster_rsa_keygen_params_t params = build_rsa_params();
    355     uint8_t* ptr = NULL;
    356     size_t size;
    357     ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, &params, &ptr, &size));
    358     EXPECT_GT(size, 0U);
    359     Malloc_Delete key_deleter(ptr);
    360 
    361     keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
    362     size_t message_len = params.modulus_size / 8;
    363     UniquePtr<uint8_t[]> message(build_message(message_len));
    364     uint8_t* signature;
    365     size_t siglen;
    366     EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
    367                                             &signature, &siglen));
    368 
    369     Malloc_Delete sig_deleter(signature);
    370     EXPECT_EQ(KM_ERROR_INVALID_INPUT_LENGTH,
    371               device.verify_data(&sig_params, ptr, size, message.get(), message_len - 1, signature,
    372                                  siglen));
    373 }
    374 
    375 TEST_F(VerificationTest, RsaLongMessage) {
    376     keymaster_rsa_keygen_params_t params = build_rsa_params();
    377     uint8_t* ptr = NULL;
    378     size_t size;
    379     ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, &params, &ptr, &size));
    380     EXPECT_GT(size, 0U);
    381     Malloc_Delete key_deleter(ptr);
    382 
    383     keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
    384     size_t message_len = params.modulus_size / 8;
    385     UniquePtr<uint8_t[]> message(build_message(message_len + 1));
    386     uint8_t* signature;
    387     size_t siglen;
    388     EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
    389                                             &signature, &siglen));
    390     Malloc_Delete sig_deleter(signature);
    391     EXPECT_EQ(KM_ERROR_INVALID_INPUT_LENGTH,
    392               device.verify_data(&sig_params, ptr, size, message.get(), message_len + 1, signature,
    393                                  siglen));
    394 }
    395 
    396 TEST_F(VerificationTest, EcdsaSuccess) {
    397     keymaster_ec_keygen_params_t params = {256};
    398     uint8_t* ptr = NULL;
    399     size_t size;
    400     ASSERT_EQ(0, device.generate_keypair(TYPE_EC, &params, &ptr, &size));
    401     EXPECT_GT(size, 0U);
    402     Malloc_Delete key_deleter(ptr);
    403 
    404     keymaster_ec_sign_params_t sig_params = {DIGEST_NONE};
    405     uint8_t message[] = "12345678901234567890123456789012";
    406     uint8_t* signature;
    407     size_t siglen;
    408     ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message,
    409                                             array_size(message) - 1, &signature, &siglen));
    410     Malloc_Delete sig_deleter(signature);
    411     EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, ptr, size, message,
    412                                               array_size(message) - 1, signature, siglen));
    413 }
    414 
    415 TEST_F(VerificationTest, EcdsaLargeMessageSuccess) {
    416     keymaster_ec_keygen_params_t params = {256};
    417     uint8_t* ptr = NULL;
    418     size_t size;
    419     ASSERT_EQ(0, device.generate_keypair(TYPE_EC, &params, &ptr, &size));
    420     EXPECT_GT(size, 0U);
    421     Malloc_Delete key_deleter(ptr);
    422 
    423     keymaster_ec_sign_params_t sig_params = {DIGEST_NONE};
    424     size_t message_len = 1024 * 7;
    425     UniquePtr<uint8_t[]> message(new uint8_t[message_len]);
    426     // contents of message don't matter.
    427     uint8_t* signature;
    428     size_t siglen;
    429     ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
    430                                             &signature, &siglen));
    431     Malloc_Delete sig_deleter(signature);
    432     EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, ptr, size, message.get(), message_len,
    433                                               signature, siglen));
    434 }
    435 
    436 static string read_file(const string& file_name) {
    437     ifstream file_stream(file_name, std::ios::binary);
    438     istreambuf_iterator<char> file_begin(file_stream);
    439     istreambuf_iterator<char> file_end;
    440     return string(file_begin, file_end);
    441 }
    442 
    443 typedef TrustyKeymasterTest ImportKeyTest;
    444 TEST_F(ImportKeyTest, RsaSuccess) {
    445     string pk8_key = read_file("../../../../system/keymaster/rsa_privkey_pk8.der");
    446     ASSERT_EQ(633U, pk8_key.size());
    447 
    448     uint8_t* key = NULL;
    449     size_t size;
    450     ASSERT_EQ(KM_ERROR_OK, device.import_keypair(reinterpret_cast<const uint8_t*>(pk8_key.data()),
    451                                                  pk8_key.size(), &key, &size));
    452     Malloc_Delete key_deleter(key);
    453 
    454     keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
    455     size_t message_size = 1024 /* key size */ / 8;
    456     UniquePtr<uint8_t[]> message(new uint8_t[message_size]);
    457     memset(message.get(), 'a', message_size);
    458     uint8_t* signature;
    459     size_t siglen;
    460     ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, key, size, message.get(), message_size,
    461                                             &signature, &siglen));
    462     Malloc_Delete sig_deleter(signature);
    463     EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, key, size, message.get(), message_size,
    464                                               signature, siglen));
    465 }
    466 
    467 TEST_F(ImportKeyTest, EcdsaSuccess) {
    468     string pk8_key = read_file("../../../../system/keymaster/ec_privkey_pk8.der");
    469     ASSERT_EQ(138U, pk8_key.size());
    470 
    471     uint8_t* key = NULL;
    472     size_t size;
    473     ASSERT_EQ(KM_ERROR_OK, device.import_keypair(reinterpret_cast<const uint8_t*>(pk8_key.data()),
    474                                                  pk8_key.size(), &key, &size));
    475     Malloc_Delete key_deleter(key);
    476 
    477     keymaster_ec_sign_params_t sig_params = {DIGEST_NONE};
    478     uint8_t message[] = "12345678901234567890123456789012";
    479     uint8_t* signature;
    480     size_t siglen;
    481     ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, key, size, message,
    482                                             array_size(message) - 1, &signature, &siglen));
    483     Malloc_Delete sig_deleter(signature);
    484     EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, key, size, message,
    485                                               array_size(message) - 1, signature, siglen));
    486 }
    487 
    488 struct EVP_PKEY_CTX_Delete {
    489     void operator()(EVP_PKEY_CTX* p) { EVP_PKEY_CTX_free(p); }
    490 };
    491 
    492 static void VerifySignature(const uint8_t* key, size_t key_len, const uint8_t* signature,
    493                             size_t signature_len, const uint8_t* message, size_t message_len) {
    494     UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(d2i_PUBKEY(NULL, &key, key_len));
    495     ASSERT_TRUE(pkey.get() != NULL);
    496     UniquePtr<EVP_PKEY_CTX, EVP_PKEY_CTX_Delete> ctx(EVP_PKEY_CTX_new(pkey.get(), NULL));
    497     ASSERT_TRUE(ctx.get() != NULL);
    498     ASSERT_EQ(1, EVP_PKEY_verify_init(ctx.get()));
    499     if (EVP_PKEY_type(pkey->type) == EVP_PKEY_RSA)
    500         ASSERT_EQ(1, EVP_PKEY_CTX_set_rsa_padding(ctx.get(), RSA_NO_PADDING));
    501     EXPECT_EQ(1, EVP_PKEY_verify(ctx.get(), signature, signature_len, message, message_len));
    502 }
    503 
    504 typedef TrustyKeymasterTest ExportKeyTest;
    505 TEST_F(ExportKeyTest, RsaSuccess) {
    506     keymaster_rsa_keygen_params_t params = build_rsa_params();
    507     uint8_t* ptr = NULL;
    508     size_t size;
    509     ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, &params, &ptr, &size));
    510     EXPECT_GT(size, 0U);
    511     Malloc_Delete key_deleter(ptr);
    512 
    513     uint8_t* exported;
    514     size_t exported_size;
    515     EXPECT_EQ(KM_ERROR_OK, device.get_keypair_public(ptr, size, &exported, &exported_size));
    516     Malloc_Delete exported_deleter(exported);
    517 
    518     // Sign a message so we can verify it with the exported pubkey.
    519     keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
    520     size_t message_len = params.modulus_size / 8;
    521     UniquePtr<uint8_t[]> message(build_message(message_len));
    522     uint8_t* signature;
    523     size_t siglen;
    524     EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
    525                                             &signature, &siglen));
    526     Malloc_Delete sig_deleter(signature);
    527     EXPECT_EQ(message_len, siglen);
    528     const uint8_t* tmp = exported;
    529 
    530     VerifySignature(exported, exported_size, signature, siglen, message.get(), message_len);
    531 }
    532 
    533 typedef TrustyKeymasterTest ExportKeyTest;
    534 TEST_F(ExportKeyTest, EcdsaSuccess) {
    535     keymaster_ec_keygen_params_t params = {256};
    536     uint8_t* key = NULL;
    537     size_t size;
    538     ASSERT_EQ(0, device.generate_keypair(TYPE_EC, &params, &key, &size));
    539     EXPECT_GT(size, 0U);
    540     Malloc_Delete key_deleter(key);
    541 
    542     uint8_t* exported;
    543     size_t exported_size;
    544     EXPECT_EQ(KM_ERROR_OK, device.get_keypair_public(key, size, &exported, &exported_size));
    545     Malloc_Delete exported_deleter(exported);
    546 
    547     // Sign a message so we can verify it with the exported pubkey.
    548     keymaster_ec_sign_params_t sig_params = {DIGEST_NONE};
    549     uint8_t message[] = "12345678901234567890123456789012";
    550     uint8_t* signature;
    551     size_t siglen;
    552     ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, key, size, message,
    553                                             array_size(message) - 1, &signature, &siglen));
    554     Malloc_Delete sig_deleter(signature);
    555     EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, key, size, message,
    556                                               array_size(message) - 1, signature, siglen));
    557 
    558     VerifySignature(exported, exported_size, signature, siglen, message, array_size(message) - 1);
    559 }
    560 
    561 }  // namespace test
    562 }  // namespace keymaster
    563