1 #include <memory> 2 3 #include "gtest/gtest.h" 4 #include "avb_tools.h" 5 #include "nugget_tools.h" 6 #include "nugget/app/avb/avb.pb.h" 7 #include "nugget/app/keymaster/keymaster.pb.h" 8 #include "Keymaster.client.h" 9 #include <application.h> 10 #include <keymaster.h> 11 #include <nos/AppClient.h> 12 #include <nos/NuggetClientInterface.h> 13 #include "util.h" 14 15 #include <openssl/bio.h> 16 #include <openssl/evp.h> 17 #include <openssl/pem.h> 18 19 using std::cout; 20 using std::string; 21 using std::unique_ptr; 22 23 using namespace nugget::app::avb; 24 using namespace nugget::app::keymaster; 25 26 namespace { 27 28 class KeymasterProvisionTest: public testing::Test { 29 protected: 30 static unique_ptr<nos::NuggetClientInterface> client; 31 static unique_ptr<test_harness::TestHarness> uart_printer; 32 33 static void SetUpTestCase(); 34 static void TearDownTestCase(); 35 36 virtual void SetUp(void); 37 38 virtual void PopulateDefaultRequest(ProvisionDeviceIdsRequest *request); 39 }; 40 41 unique_ptr<nos::NuggetClientInterface> KeymasterProvisionTest::client; 42 unique_ptr<test_harness::TestHarness> KeymasterProvisionTest::uart_printer; 43 44 void KeymasterProvisionTest::SetUpTestCase() { 45 uart_printer = test_harness::TestHarness::MakeUnique(); 46 47 client = nugget_tools::MakeNuggetClient(); 48 client->Open(); 49 EXPECT_TRUE(client->IsOpen()) << "Unable to connect"; 50 } 51 52 void KeymasterProvisionTest::TearDownTestCase() { 53 client->Close(); 54 client = unique_ptr<nos::NuggetClientInterface>(); 55 56 uart_printer = nullptr; 57 } 58 59 void KeymasterProvisionTest::SetUp(void) { 60 avb_tools::ResetProduction(client.get()); 61 } 62 63 void KeymasterProvisionTest::PopulateDefaultRequest( 64 ProvisionDeviceIdsRequest *request) { 65 request->set_product_brand("Pixel"); 66 request->set_product_device("3"); 67 request->set_product_name("Pixel"); 68 request->set_serialno("12345678"); 69 request->set_product_manufacturer("Google"); 70 request->set_product_model("3"); 71 request->set_imei("12345678"); 72 request->set_meid("12345678"); 73 } 74 75 // Tests 76 77 TEST_F(KeymasterProvisionTest, ProvisionDeviceIdsSuccess) { 78 ProvisionDeviceIdsRequest request; 79 ProvisionDeviceIdsResponse response; 80 81 PopulateDefaultRequest(&request); 82 83 Keymaster service(*client); 84 ASSERT_NO_ERROR(service.ProvisionDeviceIds(request, &response), ""); 85 ASSERT_EQ((ErrorCode)response.error_code(), ErrorCode::OK); 86 } 87 88 TEST_F(KeymasterProvisionTest, ReProvisionDeviceIdsSuccess) { 89 ProvisionDeviceIdsRequest request; 90 ProvisionDeviceIdsResponse response; 91 92 PopulateDefaultRequest(&request); 93 94 Keymaster service(*client); 95 96 // First instance. 97 ASSERT_NO_ERROR(service.ProvisionDeviceIds(request, &response), ""); 98 ASSERT_EQ((ErrorCode)response.error_code(), ErrorCode::OK); 99 100 // Second ... 101 ASSERT_NO_ERROR(service.ProvisionDeviceIds(request, &response), ""); 102 ASSERT_EQ((ErrorCode)response.error_code(), ErrorCode::OK); 103 } 104 105 TEST_F(KeymasterProvisionTest, ProductionModeProvisionFails) { 106 ProvisionDeviceIdsRequest request; 107 ProvisionDeviceIdsResponse response; 108 109 PopulateDefaultRequest(&request); 110 111 Keymaster service(*client); 112 113 // Set production bit. 114 avb_tools::SetProduction(client.get(), true, NULL, 0); 115 116 // Provisioning is now disallowed. 117 ASSERT_NO_ERROR(service.ProvisionDeviceIds(request, &response), ""); 118 ASSERT_EQ((ErrorCode)response.error_code(), 119 ErrorCode::PRODUCTION_MODE_PROVISIONING); 120 } 121 122 TEST_F(KeymasterProvisionTest, InvalidDeviceIdFails) { 123 124 ProvisionDeviceIdsRequest request; 125 ProvisionDeviceIdsResponse response; 126 127 PopulateDefaultRequest(&request); 128 129 string bad_serialno(KM_MNF_MAX_ENTRY_SIZE + 1, '5'); 130 request.set_serialno(bad_serialno); 131 132 Keymaster service(*client); 133 134 ASSERT_NO_ERROR(service.ProvisionDeviceIds(request, &response), ""); 135 ASSERT_EQ((ErrorCode)response.error_code(), 136 ErrorCode::INVALID_DEVICE_IDS); 137 } 138 139 TEST_F(KeymasterProvisionTest, MaxDeviceIdSuccess) { 140 141 ProvisionDeviceIdsRequest request; 142 ProvisionDeviceIdsResponse response; 143 144 PopulateDefaultRequest(&request); 145 146 string max_serialno(KM_MNF_MAX_ENTRY_SIZE, '5'); 147 request.set_serialno(max_serialno); 148 149 Keymaster service(*client); 150 151 ASSERT_NO_ERROR(service.ProvisionDeviceIds(request, &response), ""); 152 ASSERT_EQ((ErrorCode)response.error_code(), ErrorCode::OK); 153 } 154 155 // Regression test for b/77830050#comment6 156 TEST_F(KeymasterProvisionTest, NoMeidSuccess) { 157 158 ProvisionDeviceIdsRequest request; 159 ProvisionDeviceIdsResponse response; 160 161 PopulateDefaultRequest(&request); 162 request.clear_meid(); 163 164 Keymaster service(*client); 165 166 ASSERT_NO_ERROR(service.ProvisionDeviceIds(request, &response), ""); 167 ASSERT_EQ((ErrorCode)response.error_code(), ErrorCode::OK); 168 } 169 170 } // namespace 171