1 /* 2 * Copyright (C) 2014 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 #include <algorithm> 17 #include <fstream> 18 19 #include <UniquePtr.h> 20 #include <gtest/gtest.h> 21 #include <openssl/engine.h> 22 23 #include <hardware/keymaster0.h> 24 25 #include <keymaster/android_keymaster.h> 26 #include <keymaster/android_keymaster_messages.h> 27 #include <keymaster/android_keymaster_utils.h> 28 #include <keymaster/keymaster_tags.h> 29 #include <keymaster/soft_keymaster_context.h> 30 31 #include "android_keymaster_test_utils.h" 32 #include "trusty_keymaster_device.h" 33 #include "openssl_utils.h" 34 35 using std::string; 36 using std::ifstream; 37 using std::istreambuf_iterator; 38 39 static keymaster::AndroidKeymaster *impl_ = nullptr; 40 41 extern "C" { 42 int __android_log_print(); 43 } 44 45 int __android_log_print() { 46 return 0; 47 } 48 49 int main(int argc, char** argv) { 50 ::testing::InitGoogleTest(&argc, argv); 51 int result = RUN_ALL_TESTS(); 52 // Clean up stuff OpenSSL leaves around, so Valgrind doesn't complain. 53 CRYPTO_cleanup_all_ex_data(); 54 ERR_free_strings(); 55 return result; 56 } 57 58 int trusty_keymaster_connect() { 59 impl_ = new keymaster::AndroidKeymaster(new keymaster::SoftKeymasterContext(nullptr), 16); 60 } 61 62 void trusty_keymaster_disconnect() { 63 delete static_cast<keymaster::AndroidKeymaster*>(priv_); 64 } 65 66 template <typename Req, typename Rsp> 67 static int fake_call(keymaster::AndroidKeymaster* device, 68 void (keymaster::AndroidKeymaster::*method)(const Req&, Rsp*), void* in_buf, 69 uint32_t in_size, void* out_buf, uint32_t* out_size) { 70 Req req; 71 const uint8_t* in = static_cast<uint8_t*>(in_buf); 72 req.Deserialize(&in, in + in_size); 73 Rsp rsp; 74 (device->*method)(req, &rsp); 75 76 *out_size = rsp.SerializedSize(); 77 uint8_t* out = static_cast<uint8_t*>(out_buf); 78 rsp.Serialize(out, out + *out_size); 79 return 0; 80 } 81 82 int trusty_keymaster_call(uint32_t cmd, void* in_buf, uint32_t in_size, void* out_buf, 83 uint32_t* out_size) { 84 switch (cmd) { 85 case KM_GENERATE_KEY: 86 return fake_call(impl_, &keymaster::AndroidKeymaster::GenerateKey, in_buf, in_size, 87 out_buf, out_size); 88 case KM_BEGIN_OPERATION: 89 return fake_call(impl_, &keymaster::AndroidKeymaster::BeginOperation, in_buf, in_size, 90 out_buf, out_size); 91 case KM_UPDATE_OPERATION: 92 return fake_call(impl_, &keymaster::AndroidKeymaster::UpdateOperation, in_buf, in_size, 93 out_buf, out_size); 94 case KM_FINISH_OPERATION: 95 return fake_call(impl_, &keymaster::AndroidKeymaster::FinishOperation, in_buf, in_size, 96 out_buf, out_size); 97 case KM_IMPORT_KEY: 98 return fake_call(impl_, &keymaster::AndroidKeymaster::ImportKey, in_buf, in_size, out_buf, 99 out_size); 100 case KM_EXPORT_KEY: 101 return fake_call(impl_, &keymaster::AndroidKeymaster::ExportKey, in_buf, in_size, out_buf, 102 out_size); 103 } 104 return -EINVAL; 105 106 } 107 108 namespace keymaster { 109 namespace test { 110 111 class TrustyKeymasterTest : public testing::Test { 112 protected: 113 TrustyKeymasterTest() : device(NULL) {} 114 115 keymaster_rsa_keygen_params_t build_rsa_params() { 116 keymaster_rsa_keygen_params_t rsa_params; 117 rsa_params.public_exponent = 65537; 118 rsa_params.modulus_size = 2048; 119 return rsa_params; 120 } 121 122 uint8_t* build_message(size_t length) { 123 uint8_t* msg = new uint8_t[length]; 124 memset(msg, 'a', length); 125 return msg; 126 } 127 128 size_t dsa_message_len(const keymaster_dsa_keygen_params_t& params) { 129 switch (params.key_size) { 130 case 256: 131 case 1024: 132 return 48; 133 case 2048: 134 case 4096: 135 return 72; 136 default: 137 // Oops. 138 return 0; 139 } 140 } 141 142 TrustyKeymasterDevice device; 143 }; 144 145 class Malloc_Delete { 146 public: 147 Malloc_Delete(void* p) : p_(p) {} 148 ~Malloc_Delete() { free(p_); } 149 150 private: 151 void* p_; 152 }; 153 154 typedef TrustyKeymasterTest KeyGenTest; 155 TEST_F(KeyGenTest, RsaSuccess) { 156 keymaster_rsa_keygen_params_t params = build_rsa_params(); 157 uint8_t* ptr = NULL; 158 size_t size; 159 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size)); 160 EXPECT_GT(size, 0U); 161 Malloc_Delete key_deleter(ptr); 162 } 163 164 TEST_F(KeyGenTest, EcdsaSuccess) { 165 keymaster_ec_keygen_params_t ec_params = {256}; 166 uint8_t* ptr = NULL; 167 size_t size; 168 ASSERT_EQ(0, device.generate_keypair(TYPE_EC, &ec_params, &ptr, &size)); 169 EXPECT_GT(size, 0U); 170 Malloc_Delete key_deleter(ptr); 171 } 172 173 typedef TrustyKeymasterTest SigningTest; 174 TEST_F(SigningTest, RsaSuccess) { 175 keymaster_rsa_keygen_params_t params = build_rsa_params(); 176 uint8_t* ptr = NULL; 177 size_t size; 178 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size)); 179 EXPECT_GT(size, 0U); 180 Malloc_Delete key_deleter(ptr); 181 182 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE}; 183 size_t message_len = params.modulus_size / 8; 184 UniquePtr<uint8_t[]> message(build_message(message_len)); 185 uint8_t* signature; 186 size_t siglen; 187 EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len, 188 &signature, &siglen)); 189 Malloc_Delete sig_deleter(signature); 190 EXPECT_EQ(message_len, siglen); 191 } 192 193 TEST_F(SigningTest, RsaShortMessage) { 194 keymaster_rsa_keygen_params_t params = build_rsa_params(); 195 uint8_t* ptr = NULL; 196 size_t size; 197 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size)); 198 EXPECT_GT(size, 0U); 199 Malloc_Delete key_deleter(ptr); 200 201 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE}; 202 size_t message_len = params.modulus_size / 8 - 1; 203 UniquePtr<uint8_t[]> message(build_message(message_len)); 204 uint8_t* signature; 205 size_t siglen; 206 EXPECT_EQ(KM_ERROR_UNKNOWN_ERROR, device.sign_data(&sig_params, ptr, size, message.get(), 207 message_len, &signature, &siglen)); 208 } 209 210 TEST_F(SigningTest, RsaLongMessage) { 211 keymaster_rsa_keygen_params_t params = build_rsa_params(); 212 uint8_t* ptr = NULL; 213 size_t size; 214 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size)); 215 EXPECT_GT(size, 0U); 216 Malloc_Delete key_deleter(ptr); 217 218 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE}; 219 size_t message_len = params.modulus_size / 8 + 1; 220 UniquePtr<uint8_t[]> message(build_message(message_len)); 221 uint8_t* signature; 222 size_t siglen; 223 EXPECT_EQ(KM_ERROR_UNKNOWN_ERROR, device.sign_data(&sig_params, ptr, size, message.get(), 224 message_len, &signature, &siglen)); 225 } 226 227 TEST_F(SigningTest, EcdsaSuccess) { 228 keymaster_ec_keygen_params_t params = {256}; 229 uint8_t* ptr = NULL; 230 size_t size; 231 ASSERT_EQ(0, device.generate_keypair(TYPE_EC, ¶ms, &ptr, &size)); 232 EXPECT_GT(size, 0U); 233 Malloc_Delete key_deleter(ptr); 234 235 keymaster_ec_sign_params_t sig_params = {DIGEST_NONE}; 236 uint8_t message[] = "12345678901234567890123456789012"; 237 uint8_t* signature; 238 size_t siglen; 239 ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message, 240 array_size(message) - 1, &signature, &siglen)); 241 Malloc_Delete sig_deleter(signature); 242 EXPECT_GT(siglen, 69U); 243 EXPECT_LT(siglen, 73U); 244 } 245 246 TEST_F(SigningTest, EcdsaEmptyMessageSuccess) { 247 keymaster_ec_keygen_params_t params = {256}; 248 uint8_t* ptr = NULL; 249 size_t size; 250 ASSERT_EQ(0, device.generate_keypair(TYPE_EC, ¶ms, &ptr, &size)); 251 EXPECT_GT(size, 0U); 252 Malloc_Delete key_deleter(ptr); 253 254 keymaster_ec_sign_params_t sig_params = {DIGEST_NONE}; 255 uint8_t message[] = ""; 256 uint8_t* signature; 257 size_t siglen; 258 ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message, 259 array_size(message) - 1, &signature, &siglen)); 260 Malloc_Delete sig_deleter(signature); 261 EXPECT_GT(siglen, 69U); 262 EXPECT_LT(siglen, 73U); 263 } 264 265 TEST_F(SigningTest, EcdsaLargeMessageSuccess) { 266 keymaster_ec_keygen_params_t params = {256}; 267 uint8_t* ptr = NULL; 268 size_t size; 269 ASSERT_EQ(0, device.generate_keypair(TYPE_EC, ¶ms, &ptr, &size)); 270 EXPECT_GT(size, 0U); 271 Malloc_Delete key_deleter(ptr); 272 273 keymaster_ec_sign_params_t sig_params = {DIGEST_NONE}; 274 size_t message_len = 1024 * 7; 275 UniquePtr<uint8_t[]> message(new uint8_t[message_len]); 276 // contents of message don't matter. 277 uint8_t* signature; 278 size_t siglen; 279 ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len, 280 &signature, &siglen)); 281 Malloc_Delete sig_deleter(signature); 282 EXPECT_GT(siglen, 69U); 283 EXPECT_LT(siglen, 73U); 284 } 285 286 typedef TrustyKeymasterTest VerificationTest; 287 TEST_F(VerificationTest, RsaSuccess) { 288 keymaster_rsa_keygen_params_t params = build_rsa_params(); 289 uint8_t* ptr = NULL; 290 size_t size; 291 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size)); 292 EXPECT_GT(size, 0U); 293 Malloc_Delete key_deleter(ptr); 294 295 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE}; 296 size_t message_len = params.modulus_size / 8; 297 UniquePtr<uint8_t[]> message(build_message(message_len)); 298 uint8_t* signature; 299 size_t siglen; 300 EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len, 301 &signature, &siglen)); 302 Malloc_Delete sig_deleter(signature); 303 304 EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, ptr, size, message.get(), message_len, 305 signature, siglen)); 306 } 307 308 TEST_F(VerificationTest, RsaBadSignature) { 309 keymaster_rsa_keygen_params_t params = build_rsa_params(); 310 uint8_t* ptr = NULL; 311 size_t size; 312 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size)); 313 EXPECT_GT(size, 0U); 314 Malloc_Delete key_deleter(ptr); 315 316 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE}; 317 size_t message_len = params.modulus_size / 8; 318 UniquePtr<uint8_t[]> message(build_message(message_len)); 319 uint8_t* signature; 320 size_t siglen; 321 EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len, 322 &signature, &siglen)); 323 324 Malloc_Delete sig_deleter(signature); 325 signature[siglen / 2]++; 326 EXPECT_EQ( 327 KM_ERROR_VERIFICATION_FAILED, 328 device.verify_data(&sig_params, ptr, size, message.get(), message_len, signature, siglen)); 329 } 330 331 TEST_F(VerificationTest, RsaBadMessage) { 332 keymaster_rsa_keygen_params_t params = build_rsa_params(); 333 uint8_t* ptr = NULL; 334 size_t size; 335 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size)); 336 EXPECT_GT(size, 0U); 337 Malloc_Delete key_deleter(ptr); 338 339 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE}; 340 size_t message_len = params.modulus_size / 8; 341 UniquePtr<uint8_t[]> message(build_message(message_len)); 342 uint8_t* signature; 343 size_t siglen; 344 EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len, 345 &signature, &siglen)); 346 Malloc_Delete sig_deleter(signature); 347 message[0]++; 348 EXPECT_EQ( 349 KM_ERROR_VERIFICATION_FAILED, 350 device.verify_data(&sig_params, ptr, size, message.get(), message_len, signature, siglen)); 351 } 352 353 TEST_F(VerificationTest, RsaShortMessage) { 354 keymaster_rsa_keygen_params_t params = build_rsa_params(); 355 uint8_t* ptr = NULL; 356 size_t size; 357 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size)); 358 EXPECT_GT(size, 0U); 359 Malloc_Delete key_deleter(ptr); 360 361 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE}; 362 size_t message_len = params.modulus_size / 8; 363 UniquePtr<uint8_t[]> message(build_message(message_len)); 364 uint8_t* signature; 365 size_t siglen; 366 EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len, 367 &signature, &siglen)); 368 369 Malloc_Delete sig_deleter(signature); 370 EXPECT_EQ(KM_ERROR_INVALID_INPUT_LENGTH, 371 device.verify_data(&sig_params, ptr, size, message.get(), message_len - 1, signature, 372 siglen)); 373 } 374 375 TEST_F(VerificationTest, RsaLongMessage) { 376 keymaster_rsa_keygen_params_t params = build_rsa_params(); 377 uint8_t* ptr = NULL; 378 size_t size; 379 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size)); 380 EXPECT_GT(size, 0U); 381 Malloc_Delete key_deleter(ptr); 382 383 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE}; 384 size_t message_len = params.modulus_size / 8; 385 UniquePtr<uint8_t[]> message(build_message(message_len + 1)); 386 uint8_t* signature; 387 size_t siglen; 388 EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len, 389 &signature, &siglen)); 390 Malloc_Delete sig_deleter(signature); 391 EXPECT_EQ(KM_ERROR_INVALID_INPUT_LENGTH, 392 device.verify_data(&sig_params, ptr, size, message.get(), message_len + 1, signature, 393 siglen)); 394 } 395 396 TEST_F(VerificationTest, EcdsaSuccess) { 397 keymaster_ec_keygen_params_t params = {256}; 398 uint8_t* ptr = NULL; 399 size_t size; 400 ASSERT_EQ(0, device.generate_keypair(TYPE_EC, ¶ms, &ptr, &size)); 401 EXPECT_GT(size, 0U); 402 Malloc_Delete key_deleter(ptr); 403 404 keymaster_ec_sign_params_t sig_params = {DIGEST_NONE}; 405 uint8_t message[] = "12345678901234567890123456789012"; 406 uint8_t* signature; 407 size_t siglen; 408 ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message, 409 array_size(message) - 1, &signature, &siglen)); 410 Malloc_Delete sig_deleter(signature); 411 EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, ptr, size, message, 412 array_size(message) - 1, signature, siglen)); 413 } 414 415 TEST_F(VerificationTest, EcdsaLargeMessageSuccess) { 416 keymaster_ec_keygen_params_t params = {256}; 417 uint8_t* ptr = NULL; 418 size_t size; 419 ASSERT_EQ(0, device.generate_keypair(TYPE_EC, ¶ms, &ptr, &size)); 420 EXPECT_GT(size, 0U); 421 Malloc_Delete key_deleter(ptr); 422 423 keymaster_ec_sign_params_t sig_params = {DIGEST_NONE}; 424 size_t message_len = 1024 * 7; 425 UniquePtr<uint8_t[]> message(new uint8_t[message_len]); 426 // contents of message don't matter. 427 uint8_t* signature; 428 size_t siglen; 429 ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len, 430 &signature, &siglen)); 431 Malloc_Delete sig_deleter(signature); 432 EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, ptr, size, message.get(), message_len, 433 signature, siglen)); 434 } 435 436 static string read_file(const string& file_name) { 437 ifstream file_stream(file_name, std::ios::binary); 438 istreambuf_iterator<char> file_begin(file_stream); 439 istreambuf_iterator<char> file_end; 440 return string(file_begin, file_end); 441 } 442 443 typedef TrustyKeymasterTest ImportKeyTest; 444 TEST_F(ImportKeyTest, RsaSuccess) { 445 string pk8_key = read_file("../../../../system/keymaster/rsa_privkey_pk8.der"); 446 ASSERT_EQ(633U, pk8_key.size()); 447 448 uint8_t* key = NULL; 449 size_t size; 450 ASSERT_EQ(KM_ERROR_OK, device.import_keypair(reinterpret_cast<const uint8_t*>(pk8_key.data()), 451 pk8_key.size(), &key, &size)); 452 Malloc_Delete key_deleter(key); 453 454 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE}; 455 size_t message_size = 1024 /* key size */ / 8; 456 UniquePtr<uint8_t[]> message(new uint8_t[message_size]); 457 memset(message.get(), 'a', message_size); 458 uint8_t* signature; 459 size_t siglen; 460 ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, key, size, message.get(), message_size, 461 &signature, &siglen)); 462 Malloc_Delete sig_deleter(signature); 463 EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, key, size, message.get(), message_size, 464 signature, siglen)); 465 } 466 467 TEST_F(ImportKeyTest, EcdsaSuccess) { 468 string pk8_key = read_file("../../../../system/keymaster/ec_privkey_pk8.der"); 469 ASSERT_EQ(138U, pk8_key.size()); 470 471 uint8_t* key = NULL; 472 size_t size; 473 ASSERT_EQ(KM_ERROR_OK, device.import_keypair(reinterpret_cast<const uint8_t*>(pk8_key.data()), 474 pk8_key.size(), &key, &size)); 475 Malloc_Delete key_deleter(key); 476 477 keymaster_ec_sign_params_t sig_params = {DIGEST_NONE}; 478 uint8_t message[] = "12345678901234567890123456789012"; 479 uint8_t* signature; 480 size_t siglen; 481 ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, key, size, message, 482 array_size(message) - 1, &signature, &siglen)); 483 Malloc_Delete sig_deleter(signature); 484 EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, key, size, message, 485 array_size(message) - 1, signature, siglen)); 486 } 487 488 struct EVP_PKEY_CTX_Delete { 489 void operator()(EVP_PKEY_CTX* p) { EVP_PKEY_CTX_free(p); } 490 }; 491 492 static void VerifySignature(const uint8_t* key, size_t key_len, const uint8_t* signature, 493 size_t signature_len, const uint8_t* message, size_t message_len) { 494 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(d2i_PUBKEY(NULL, &key, key_len)); 495 ASSERT_TRUE(pkey.get() != NULL); 496 UniquePtr<EVP_PKEY_CTX, EVP_PKEY_CTX_Delete> ctx(EVP_PKEY_CTX_new(pkey.get(), NULL)); 497 ASSERT_TRUE(ctx.get() != NULL); 498 ASSERT_EQ(1, EVP_PKEY_verify_init(ctx.get())); 499 if (EVP_PKEY_type(pkey->type) == EVP_PKEY_RSA) 500 ASSERT_EQ(1, EVP_PKEY_CTX_set_rsa_padding(ctx.get(), RSA_NO_PADDING)); 501 EXPECT_EQ(1, EVP_PKEY_verify(ctx.get(), signature, signature_len, message, message_len)); 502 } 503 504 typedef TrustyKeymasterTest ExportKeyTest; 505 TEST_F(ExportKeyTest, RsaSuccess) { 506 keymaster_rsa_keygen_params_t params = build_rsa_params(); 507 uint8_t* ptr = NULL; 508 size_t size; 509 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size)); 510 EXPECT_GT(size, 0U); 511 Malloc_Delete key_deleter(ptr); 512 513 uint8_t* exported; 514 size_t exported_size; 515 EXPECT_EQ(KM_ERROR_OK, device.get_keypair_public(ptr, size, &exported, &exported_size)); 516 Malloc_Delete exported_deleter(exported); 517 518 // Sign a message so we can verify it with the exported pubkey. 519 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE}; 520 size_t message_len = params.modulus_size / 8; 521 UniquePtr<uint8_t[]> message(build_message(message_len)); 522 uint8_t* signature; 523 size_t siglen; 524 EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len, 525 &signature, &siglen)); 526 Malloc_Delete sig_deleter(signature); 527 EXPECT_EQ(message_len, siglen); 528 const uint8_t* tmp = exported; 529 530 VerifySignature(exported, exported_size, signature, siglen, message.get(), message_len); 531 } 532 533 typedef TrustyKeymasterTest ExportKeyTest; 534 TEST_F(ExportKeyTest, EcdsaSuccess) { 535 keymaster_ec_keygen_params_t params = {256}; 536 uint8_t* key = NULL; 537 size_t size; 538 ASSERT_EQ(0, device.generate_keypair(TYPE_EC, ¶ms, &key, &size)); 539 EXPECT_GT(size, 0U); 540 Malloc_Delete key_deleter(key); 541 542 uint8_t* exported; 543 size_t exported_size; 544 EXPECT_EQ(KM_ERROR_OK, device.get_keypair_public(key, size, &exported, &exported_size)); 545 Malloc_Delete exported_deleter(exported); 546 547 // Sign a message so we can verify it with the exported pubkey. 548 keymaster_ec_sign_params_t sig_params = {DIGEST_NONE}; 549 uint8_t message[] = "12345678901234567890123456789012"; 550 uint8_t* signature; 551 size_t siglen; 552 ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, key, size, message, 553 array_size(message) - 1, &signature, &siglen)); 554 Malloc_Delete sig_deleter(signature); 555 EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, key, size, message, 556 array_size(message) - 1, signature, siglen)); 557 558 VerifySignature(exported, exported_size, signature, siglen, message, array_size(message) - 1); 559 } 560 561 } // namespace test 562 } // namespace keymaster 563
