Home | History | Annotate | Download | only in src 
      1 #include <memory>
      2 
      3 #include "gtest/gtest.h"
      4 #include "avb_tools.h"
      5 #include "nugget_tools.h"
      6 #include "nugget/app/avb/avb.pb.h"
      7 #include "nugget/app/keymaster/keymaster.pb.h"
      8 #include "Keymaster.client.h"
      9 #include <application.h>
     10 #include <keymaster.h>
     11 #include <nos/AppClient.h>
     12 #include <nos/NuggetClientInterface.h>
     13 #include "util.h"
     14 
     15 #include <openssl/bio.h>
     16 #include <openssl/evp.h>
     17 #include <openssl/pem.h>
     18 
     19 using std::cout;
     20 using std::string;
     21 using std::unique_ptr;
     22 
     23 using namespace nugget::app::avb;
     24 using namespace nugget::app::keymaster;
     25 
     26 namespace {
     27 
     28 class KeymasterProvisionTest: public testing::Test {
     29  protected:
     30   static unique_ptr<nos::NuggetClientInterface> client;
     31   static unique_ptr<test_harness::TestHarness> uart_printer;
     32 
     33   static void SetUpTestCase();
     34   static void TearDownTestCase();
     35 
     36   virtual void SetUp(void);
     37 
     38   virtual void PopulateDefaultRequest(ProvisionDeviceIdsRequest *request);
     39 };
     40 
     41 unique_ptr<nos::NuggetClientInterface> KeymasterProvisionTest::client;
     42 unique_ptr<test_harness::TestHarness> KeymasterProvisionTest::uart_printer;
     43 
     44 void KeymasterProvisionTest::SetUpTestCase() {
     45   uart_printer = test_harness::TestHarness::MakeUnique();
     46 
     47   client = nugget_tools::MakeNuggetClient();
     48   client->Open();
     49   EXPECT_TRUE(client->IsOpen()) << "Unable to connect";
     50 }
     51 
     52 void KeymasterProvisionTest::TearDownTestCase() {
     53   client->Close();
     54   client = unique_ptr<nos::NuggetClientInterface>();
     55 
     56   uart_printer = nullptr;
     57 }
     58 
     59 void KeymasterProvisionTest::SetUp(void) {
     60   avb_tools::ResetProduction(client.get());
     61 }
     62 
     63 void KeymasterProvisionTest::PopulateDefaultRequest(
     64     ProvisionDeviceIdsRequest *request) {
     65   request->set_product_brand("Pixel");
     66   request->set_product_device("3");
     67   request->set_product_name("Pixel");
     68   request->set_serialno("12345678");
     69   request->set_product_manufacturer("Google");
     70   request->set_product_model("3");
     71   request->set_imei("12345678");
     72   request->set_meid("12345678");
     73 }
     74 
     75 // Tests
     76 
     77 TEST_F(KeymasterProvisionTest, ProvisionDeviceIdsSuccess) {
     78   ProvisionDeviceIdsRequest request;
     79   ProvisionDeviceIdsResponse response;
     80 
     81   PopulateDefaultRequest(&request);
     82 
     83   Keymaster service(*client);
     84   ASSERT_NO_ERROR(service.ProvisionDeviceIds(request, &response), "");
     85   ASSERT_EQ((ErrorCode)response.error_code(), ErrorCode::OK);
     86 }
     87 
     88 TEST_F(KeymasterProvisionTest, ReProvisionDeviceIdsSuccess) {
     89   ProvisionDeviceIdsRequest request;
     90   ProvisionDeviceIdsResponse response;
     91 
     92   PopulateDefaultRequest(&request);
     93 
     94   Keymaster service(*client);
     95 
     96   // First instance.
     97   ASSERT_NO_ERROR(service.ProvisionDeviceIds(request, &response), "");
     98   ASSERT_EQ((ErrorCode)response.error_code(), ErrorCode::OK);
     99 
    100   // Second ...
    101   ASSERT_NO_ERROR(service.ProvisionDeviceIds(request, &response), "");
    102   ASSERT_EQ((ErrorCode)response.error_code(), ErrorCode::OK);
    103 }
    104 
    105 TEST_F(KeymasterProvisionTest, ProductionModeProvisionFails) {
    106   ProvisionDeviceIdsRequest request;
    107   ProvisionDeviceIdsResponse response;
    108 
    109   PopulateDefaultRequest(&request);
    110 
    111   Keymaster service(*client);
    112 
    113   // Set production bit.
    114   avb_tools::SetProduction(client.get(), true, NULL, 0);
    115 
    116   // Provisioning is now disallowed.
    117   ASSERT_NO_ERROR(service.ProvisionDeviceIds(request, &response), "");
    118   ASSERT_EQ((ErrorCode)response.error_code(),
    119             ErrorCode::PRODUCTION_MODE_PROVISIONING);
    120 }
    121 
    122 TEST_F(KeymasterProvisionTest, InvalidDeviceIdFails) {
    123 
    124   ProvisionDeviceIdsRequest request;
    125   ProvisionDeviceIdsResponse response;
    126 
    127   PopulateDefaultRequest(&request);
    128 
    129   string bad_serialno(KM_MNF_MAX_ENTRY_SIZE + 1, '5');
    130   request.set_serialno(bad_serialno);
    131 
    132   Keymaster service(*client);
    133 
    134   ASSERT_NO_ERROR(service.ProvisionDeviceIds(request, &response), "");
    135   ASSERT_EQ((ErrorCode)response.error_code(),
    136             ErrorCode::INVALID_DEVICE_IDS);
    137 }
    138 
    139 TEST_F(KeymasterProvisionTest, MaxDeviceIdSuccess) {
    140 
    141   ProvisionDeviceIdsRequest request;
    142   ProvisionDeviceIdsResponse response;
    143 
    144   PopulateDefaultRequest(&request);
    145 
    146   string max_serialno(KM_MNF_MAX_ENTRY_SIZE, '5');
    147   request.set_serialno(max_serialno);
    148 
    149   Keymaster service(*client);
    150 
    151   ASSERT_NO_ERROR(service.ProvisionDeviceIds(request, &response), "");
    152   ASSERT_EQ((ErrorCode)response.error_code(), ErrorCode::OK);
    153 }
    154 
    155 // Regression test for b/77830050#comment6
    156 TEST_F(KeymasterProvisionTest, NoMeidSuccess) {
    157 
    158   ProvisionDeviceIdsRequest request;
    159   ProvisionDeviceIdsResponse response;
    160 
    161   PopulateDefaultRequest(&request);
    162   request.clear_meid();
    163 
    164   Keymaster service(*client);
    165 
    166   ASSERT_NO_ERROR(service.ProvisionDeviceIds(request, &response), "");
    167   ASSERT_EQ((ErrorCode)response.error_code(), ErrorCode::OK);
    168 }
    169 
    170 }  // namespace
    171