1 // 2 // Copyright (C) 2015 The Android Open Source Project 3 // 4 // Licensed under the Apache License, Version 2.0 (the "License"); 5 // you may not use this file except in compliance with the License. 6 // You may obtain a copy of the License at 7 // 8 // http://www.apache.org/licenses/LICENSE-2.0 9 // 10 // Unless required by applicable law or agreed to in writing, software 11 // distributed under the License is distributed on an "AS IS" BASIS, 12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 // See the License for the specific language governing permissions and 14 // limitations under the License. 15 // 16 17 #include "trunks/session_manager_impl.h" 18 19 #include <vector> 20 21 #include <base/logging.h> 22 #include <base/strings/string_number_conversions.h> 23 #include <gmock/gmock.h> 24 #include <gtest/gtest.h> 25 26 #include "trunks/error_codes.h" 27 #include "trunks/mock_tpm.h" 28 #include "trunks/tpm_generated.h" 29 #include "trunks/tpm_utility.h" 30 #include "trunks/trunks_factory_for_test.h" 31 32 using testing::_; 33 using testing::DoAll; 34 using testing::NiceMock; 35 using testing::Return; 36 using testing::SetArgPointee; 37 38 namespace trunks { 39 40 class SessionManagerTest : public testing::Test { 41 public: 42 SessionManagerTest() : session_manager_(factory_) { 43 delegate_ = new HmacAuthorizationDelegate(); 44 } 45 ~SessionManagerTest() override {} 46 47 void SetUp() override { factory_.set_tpm(&mock_tpm_); } 48 49 void SetHandle(TPM_HANDLE handle) { 50 session_manager_.session_handle_ = handle; 51 } 52 53 TPM2B_PUBLIC_KEY_RSA GetValidRSAPublicKey() { 54 const char kValidModulus[] = 55 "A1D50D088994000492B5F3ED8A9C5FC8772706219F4C063B2F6A8C6B74D3AD6B" 56 "212A53D01DABB34A6261288540D420D3BA59ED279D859DE6227A7AB6BD88FADD" 57 "FC3078D465F4DF97E03A52A587BD0165AE3B180FE7B255B7BEDC1BE81CB1383F" 58 "E9E46F9312B1EF28F4025E7D332E33F4416525FEB8F0FC7B815E8FBB79CDABE6" 59 "327B5A155FEF13F559A7086CB8A543D72AD6ECAEE2E704FF28824149D7F4E393" 60 "D3C74E721ACA97F7ADBE2CCF7B4BCC165F7380F48065F2C8370F25F066091259" 61 "D14EA362BAF236E3CD8771A94BDEDA3900577143A238AB92B6C55F11DEFAFB31" 62 "7D1DC5B6AE210C52B008D87F2A7BFF6EB5C4FB32D6ECEC6505796173951A3167"; 63 std::vector<uint8_t> bytes; 64 CHECK(base::HexStringToBytes(kValidModulus, &bytes)); 65 CHECK_EQ(bytes.size(), 256u); 66 TPM2B_PUBLIC_KEY_RSA rsa; 67 rsa.size = bytes.size(); 68 memcpy(rsa.buffer, bytes.data(), bytes.size()); 69 return rsa; 70 } 71 72 protected: 73 TrunksFactoryForTest factory_; 74 NiceMock<MockTpm> mock_tpm_; 75 HmacAuthorizationDelegate* delegate_; 76 SessionManagerImpl session_manager_; 77 }; 78 79 TEST_F(SessionManagerTest, CloseSessionSuccess) { 80 TPM_HANDLE handle = TPM_RH_FIRST; 81 SetHandle(handle); 82 EXPECT_CALL(mock_tpm_, FlushContextSync(handle, nullptr)) 83 .WillOnce(Return(TPM_RC_SUCCESS)); 84 session_manager_.CloseSession(); 85 } 86 87 TEST_F(SessionManagerTest, CloseSessionNoHandle) { 88 TPM_HANDLE handle = kUninitializedHandle; 89 SetHandle(handle); 90 EXPECT_CALL(mock_tpm_, FlushContextSync(handle, nullptr)).Times(0); 91 session_manager_.CloseSession(); 92 } 93 94 TEST_F(SessionManagerTest, GetSessionHandleTest) { 95 TPM_HANDLE handle = TPM_RH_FIRST; 96 EXPECT_EQ(kUninitializedHandle, session_manager_.GetSessionHandle()); 97 SetHandle(handle); 98 EXPECT_EQ(handle, session_manager_.GetSessionHandle()); 99 } 100 101 TEST_F(SessionManagerTest, StartSessionSuccess) { 102 TPM_SE session_type = TPM_SE_TRIAL; 103 TPM2B_PUBLIC public_data; 104 public_data.public_area.type = TPM_ALG_RSA; 105 public_data.public_area.unique.rsa = GetValidRSAPublicKey(); 106 EXPECT_CALL(mock_tpm_, ReadPublicSync(kSaltingKey, _, _, _, _, nullptr)) 107 .WillOnce(DoAll(SetArgPointee<2>(public_data), Return(TPM_RC_SUCCESS))); 108 TPM_HANDLE handle = TPM_RH_FIRST; 109 TPM2B_NONCE nonce; 110 nonce.size = 20; 111 EXPECT_CALL(mock_tpm_, StartAuthSessionSyncShort(_, handle, _, _, 112 session_type, _, _, _, _, _)) 113 .WillOnce(DoAll(SetArgPointee<8>(nonce), Return(TPM_RC_SUCCESS))); 114 EXPECT_EQ(TPM_RC_SUCCESS, session_manager_.StartSession( 115 session_type, handle, "", false, delegate_)); 116 } 117 118 TEST_F(SessionManagerTest, StartSessionBadSaltingKey) { 119 TPM2B_PUBLIC public_data; 120 public_data.public_area.type = TPM_ALG_RSA; 121 public_data.public_area.unique.rsa.size = 32; 122 EXPECT_CALL(mock_tpm_, ReadPublicSync(kSaltingKey, _, _, _, _, nullptr)) 123 .WillOnce(DoAll(SetArgPointee<2>(public_data), Return(TPM_RC_SUCCESS))); 124 EXPECT_EQ(TRUNKS_RC_SESSION_SETUP_ERROR, 125 session_manager_.StartSession(TPM_SE_TRIAL, TPM_RH_NULL, "", false, 126 delegate_)); 127 public_data.public_area.type = TPM_ALG_ECC; 128 public_data.public_area.unique.rsa.size = 256; 129 EXPECT_CALL(mock_tpm_, ReadPublicSync(kSaltingKey, _, _, _, _, nullptr)) 130 .WillOnce(DoAll(SetArgPointee<2>(public_data), Return(TPM_RC_SUCCESS))); 131 EXPECT_EQ(TRUNKS_RC_SESSION_SETUP_ERROR, 132 session_manager_.StartSession(TPM_SE_TRIAL, TPM_RH_NULL, "", false, 133 delegate_)); 134 } 135 136 TEST_F(SessionManagerTest, StartSessionFailure) { 137 TPM2B_PUBLIC public_data; 138 public_data.public_area.type = TPM_ALG_RSA; 139 public_data.public_area.unique.rsa = GetValidRSAPublicKey(); 140 EXPECT_CALL(mock_tpm_, ReadPublicSync(kSaltingKey, _, _, _, _, nullptr)) 141 .WillOnce(DoAll(SetArgPointee<2>(public_data), Return(TPM_RC_SUCCESS))); 142 EXPECT_CALL(mock_tpm_, 143 StartAuthSessionSyncShort(_, TPM_RH_NULL, _, _, _, _, _, _, _, _)) 144 .WillOnce(Return(TPM_RC_FAILURE)); 145 EXPECT_EQ(TPM_RC_FAILURE, 146 session_manager_.StartSession(TPM_SE_TRIAL, TPM_RH_NULL, "", false, 147 delegate_)); 148 } 149 150 TEST_F(SessionManagerTest, StartSessionBadNonce) { 151 TPM_SE session_type = TPM_SE_TRIAL; 152 TPM2B_PUBLIC public_data; 153 public_data.public_area.type = TPM_ALG_RSA; 154 public_data.public_area.unique.rsa = GetValidRSAPublicKey(); 155 EXPECT_CALL(mock_tpm_, ReadPublicSync(kSaltingKey, _, _, _, _, nullptr)) 156 .WillOnce(DoAll(SetArgPointee<2>(public_data), Return(TPM_RC_SUCCESS))); 157 TPM_HANDLE handle = TPM_RH_FIRST; 158 TPM2B_NONCE nonce; 159 nonce.size = 0; 160 EXPECT_CALL(mock_tpm_, StartAuthSessionSyncShort(_, handle, _, _, 161 session_type, _, _, _, _, _)) 162 .WillOnce(DoAll(SetArgPointee<8>(nonce), Return(TPM_RC_SUCCESS))); 163 EXPECT_EQ(TPM_RC_FAILURE, session_manager_.StartSession( 164 session_type, handle, "", false, delegate_)); 165 } 166 167 } // namespace trunks 168