1
2 #include <gtest/gtest.h>
3 #include <openssl/aes.h>
4
5 #include <algorithm>
6 #include <fstream>
7 #include <iostream>
8 #include <memory>
9 #include <random>
10
11 #include "nugget/app/protoapi/control.pb.h"
12 #include "nugget/app/protoapi/header.pb.h"
13 #include "nugget/app/protoapi/testing_api.pb.h"
14 #include "src/util.h"
15
16 #ifdef ANDROID
17 #define FLAGS_nos_test_dump_protos false
18 #else
19 #include <gflags/gflags.h>
20
21 DEFINE_bool(nos_test_dump_protos, false, "Dump binary protobufs to a file.");
22 #endif // ANDROID
23
24 using nugget::app::protoapi::AesCbcEncryptTest;
25 using nugget::app::protoapi::AesCbcEncryptTestResult;
26 using nugget::app::protoapi::APImessageID;
27 using nugget::app::protoapi::DcryptError;
28 using nugget::app::protoapi::KeySize;
29 using nugget::app::protoapi::Notice;
30 using nugget::app::protoapi::NoticeCode;
31 using nugget::app::protoapi::OneofTestParametersCase;
32 using nugget::app::protoapi::OneofTestResultsCase;
33 using nugget::app::protoapi::TrngTest;
34 using nugget::app::protoapi::TrngTestResult;
35 using std::cout;
36 using std::vector;
37 using std::unique_ptr;
38 using test_harness::TestHarness;
39
40 #define ASSERT_NO_TH_ERROR(code) \
41 ASSERT_EQ(code, test_harness::error_codes::NO_ERROR) \
42 << code << " is " << test_harness::error_codes_name(code)
43
44 #define ASSERT_MSG_TYPE(msg, type_) \
45 do{if(type_ != APImessageID::NOTICE && msg.type == APImessageID::NOTICE){ \
46 Notice received; \
47 received.ParseFromArray(reinterpret_cast<char *>(msg.data), msg.data_len); \
48 ASSERT_EQ(msg.type, type_) \
49 << msg.type << " is " << APImessageID_Name((APImessageID) msg.type) \
50 << "\n" << received.DebugString(); \
51 }else{ \
52 ASSERT_EQ(msg.type, type_) \
53 << msg.type << " is " << APImessageID_Name((APImessageID) msg.type); \
54 }}while(0)
55
56 #define ASSERT_SUBTYPE(msg, type_) \
57 EXPECT_GT(msg.data_len, 2); \
58 uint16_t subtype = (msg.data[0] << 8) | msg.data[1]; \
59 EXPECT_EQ(subtype, type_)
60
61 namespace {
62
63 using test_harness::BYTE_TIME;
64
65 class NuggetOsTest: public testing::Test {
66 protected:
67 static void SetUpTestCase();
68 static void TearDownTestCase();
69
70 public:
71 static unique_ptr<TestHarness> harness;
72 static std::random_device random_number_generator;
73 };
74
75 unique_ptr<TestHarness> NuggetOsTest::harness;
76 std::random_device NuggetOsTest::random_number_generator;
77
SetUpTestCase()78 void NuggetOsTest::SetUpTestCase() {
79 harness = TestHarness::MakeUnique();
80
81 #ifndef CONFIG_NO_UART
82 if (!harness->UsingSpi()) {
83 EXPECT_TRUE(harness->SwitchFromConsoleToProtoApi());
84 EXPECT_TRUE(harness->ttyState());
85 }
86 #endif // CONFIG_NO_UART
87 }
88
TearDownTestCase()89 void NuggetOsTest::TearDownTestCase() {
90 #ifndef CONFIG_NO_UART
91 if (!harness->UsingSpi()) {
92 harness->ReadUntil(test_harness::BYTE_TIME * 1024);
93 EXPECT_TRUE(harness->SwitchFromProtoApiToConsole(NULL));
94 }
95 #endif // CONFIG_NO_UART
96 harness = unique_ptr<TestHarness>();
97 }
98
TEST_F(NuggetOsTest,NoticePing)99 TEST_F(NuggetOsTest, NoticePing) {
100 Notice ping_msg;
101 ping_msg.set_notice_code(NoticeCode::PING);
102 Notice pong_msg;
103
104 ASSERT_NO_TH_ERROR(harness->SendProto(APImessageID::NOTICE, ping_msg));
105 if (harness->getVerbosity() >= TestHarness::VerbosityLevels::INFO) {
106 cout << ping_msg.DebugString();
107 }
108 test_harness::raw_message receive_msg;
109 ASSERT_NO_TH_ERROR(harness->GetData(&receive_msg, 4096 * BYTE_TIME));
110 ASSERT_MSG_TYPE(receive_msg, APImessageID::NOTICE);
111 pong_msg.set_notice_code(NoticeCode::PING);
112 ASSERT_TRUE(pong_msg.ParseFromArray(
113 reinterpret_cast<char *>(receive_msg.data), receive_msg.data_len));
114 if (harness->getVerbosity() >= TestHarness::VerbosityLevels::INFO) {
115 cout << pong_msg.DebugString() << std::endl;
116 }
117 EXPECT_EQ(pong_msg.notice_code(), NoticeCode::PONG);
118
119 ASSERT_NO_TH_ERROR(harness->SendProto(APImessageID::NOTICE, ping_msg));
120 if (harness->getVerbosity() >= TestHarness::VerbosityLevels::INFO) {
121 cout << ping_msg.DebugString();
122 }
123 ASSERT_NO_TH_ERROR(harness->GetData(&receive_msg, 4096 * BYTE_TIME));
124 ASSERT_MSG_TYPE(receive_msg, APImessageID::NOTICE);
125 pong_msg.set_notice_code(NoticeCode::PING);
126 ASSERT_TRUE(pong_msg.ParseFromArray(
127 reinterpret_cast<char *>(receive_msg.data), receive_msg.data_len));
128 if (harness->getVerbosity() >= TestHarness::VerbosityLevels::INFO) {
129 cout << pong_msg.DebugString() << std::endl;
130 }
131 EXPECT_EQ(pong_msg.notice_code(), NoticeCode::PONG);
132
133 ASSERT_NO_TH_ERROR(harness->SendProto(APImessageID::NOTICE, ping_msg));
134 if (harness->getVerbosity() >= TestHarness::VerbosityLevels::INFO) {
135 cout << ping_msg.DebugString();
136 }
137 ASSERT_NO_TH_ERROR(harness->GetData(&receive_msg, 4096 * BYTE_TIME));
138 ASSERT_MSG_TYPE(receive_msg, APImessageID::NOTICE);
139 pong_msg.set_notice_code(NoticeCode::PING);
140 ASSERT_TRUE(pong_msg.ParseFromArray(
141 reinterpret_cast<char *>(receive_msg.data), receive_msg.data_len));
142 if (harness->getVerbosity() >= TestHarness::VerbosityLevels::INFO) {
143 cout << pong_msg.DebugString() << std::endl;
144 }
145 EXPECT_EQ(pong_msg.notice_code(), NoticeCode::PONG);
146 }
147
TEST_F(NuggetOsTest,InvalidMessageType)148 TEST_F(NuggetOsTest, InvalidMessageType) {
149 const char content[] = "This is a test message.";
150
151 test_harness::raw_message msg;
152 msg.type = 0;
153 std::copy(content, content + sizeof(content), msg.data);
154 msg.data_len = sizeof(content);
155
156 ASSERT_NO_TH_ERROR(harness->SendData(msg));
157 ASSERT_NO_TH_ERROR(harness->GetData(&msg, 4096 * BYTE_TIME));
158 ASSERT_MSG_TYPE(msg, APImessageID::NOTICE);
159
160 Notice notice_msg;
161 ASSERT_TRUE(notice_msg.ParseFromArray(reinterpret_cast<char *>(msg.data),
162 msg.data_len));
163 if (harness->getVerbosity() >= TestHarness::VerbosityLevels::INFO) {
164 cout << notice_msg.DebugString() << std::endl;
165 }
166 EXPECT_EQ(notice_msg.notice_code(), NoticeCode::UNRECOGNIZED_MESSAGE);
167 }
168
TEST_F(NuggetOsTest,Sequence)169 TEST_F(NuggetOsTest, Sequence) {
170 test_harness::raw_message msg;
171 msg.type = APImessageID::SEND_SEQUENCE;
172 msg.data_len = 256;
173 for (size_t x = 0; x < msg.data_len; ++x) {
174 msg.data[x] = x;
175 }
176
177 ASSERT_NO_TH_ERROR(harness->SendData(msg));
178 ASSERT_NO_TH_ERROR(harness->GetData(&msg, 4096 * BYTE_TIME));
179 ASSERT_MSG_TYPE(msg, APImessageID::SEND_SEQUENCE);
180 for (size_t x = 0; x < msg.data_len; ++x) {
181 ASSERT_EQ(msg.data[x], x) << "Inconsistency at index " << x;
182 }
183 }
184
TEST_F(NuggetOsTest,Echo)185 TEST_F(NuggetOsTest, Echo) {
186 test_harness::raw_message msg;
187 msg.type = APImessageID::ECHO_THIS;
188 // Leave some room for bytes which need escaping
189 msg.data_len = sizeof(msg.data) - 64;
190 for (size_t x = 0; x < msg.data_len; ++x) {
191 msg.data[x] = random_number_generator();
192 }
193
194 ASSERT_NO_TH_ERROR(harness->SendData(msg));
195
196 test_harness::raw_message receive_msg;
197 ASSERT_NO_TH_ERROR(harness->GetData(&receive_msg, 4096 * BYTE_TIME));
198 ASSERT_MSG_TYPE(msg, APImessageID::ECHO_THIS);
199 ASSERT_EQ(receive_msg.data_len, msg.data_len);
200
201 for (size_t x = 0; x < msg.data_len; ++x) {
202 ASSERT_EQ(msg.data[x], receive_msg.data[x])
203 << "Inconsistency at index " << x;
204 }
205 }
206
TEST_F(NuggetOsTest,AesCbc)207 TEST_F(NuggetOsTest, AesCbc) {
208 const size_t number_of_blocks = 3;
209
210 for (auto key_size : {KeySize::s128b, KeySize::s192b, KeySize::s256b}) {
211 if (harness->getVerbosity() >= TestHarness::VerbosityLevels::INFO) {
212 cout << "Testing with a key size of: " << std::dec << (key_size * 8)
213 << std::endl;
214 }
215 AesCbcEncryptTest request;
216 request.set_key_size(key_size);
217 request.set_number_of_blocks(number_of_blocks);
218
219 vector<int> key_data(key_size / sizeof(int));
220 for (auto &part : key_data) {
221 part = random_number_generator();
222 }
223 request.set_key(key_data.data(), key_data.size() * sizeof(int));
224
225
226 if (FLAGS_nos_test_dump_protos) {
227 std::ofstream outfile;
228 outfile.open("AesCbcEncryptTest_" + std::to_string(key_size * 8) +
229 ".proto.bin", std::ios_base::binary);
230 outfile << request.SerializeAsString();
231 outfile.close();
232 }
233
234 ASSERT_NO_TH_ERROR(harness->SendOneofProto(
235 APImessageID::TESTING_API_CALL,
236 OneofTestParametersCase::kAesCbcEncryptTest,
237 request));
238
239 test_harness::raw_message msg;
240 ASSERT_NO_TH_ERROR(harness->GetData(&msg, 4096 * BYTE_TIME));
241 ASSERT_MSG_TYPE(msg, APImessageID::TESTING_API_RESPONSE);
242 ASSERT_SUBTYPE(msg, OneofTestResultsCase::kAesCbcEncryptTestResult);
243
244 AesCbcEncryptTestResult result;
245 ASSERT_TRUE(result.ParseFromArray(reinterpret_cast<char *>(msg.data + 2),
246 msg.data_len - 2));
247 EXPECT_EQ(result.result_code(), DcryptError::DE_NO_ERROR)
248 << result.result_code() << " is "
249 << DcryptError_Name(result.result_code());
250 ASSERT_EQ(result.cipher_text().size(), number_of_blocks * AES_BLOCK_SIZE)
251 << "\n" << result.DebugString();
252
253 uint32_t in[4] = {0, 0, 0, 0};
254 uint8_t sw_out[AES_BLOCK_SIZE];
255 uint8_t iv[AES_BLOCK_SIZE];
256 memset(&iv, 0, sizeof(iv));
257 AES_KEY aes_key;
258 AES_set_encrypt_key(reinterpret_cast<uint8_t *>(key_data.data()),
259 key_size * 8, &aes_key);
260 for (size_t x = 0; x < number_of_blocks; ++x) {
261 AES_cbc_encrypt(reinterpret_cast<uint8_t *>(in),
262 reinterpret_cast<uint8_t *>(sw_out), AES_BLOCK_SIZE,
263 &aes_key, reinterpret_cast<uint8_t *>(iv), true);
264 for (size_t y = 0; y < AES_BLOCK_SIZE; ++y) {
265 size_t index = x * AES_BLOCK_SIZE + y;
266 ASSERT_EQ(result.cipher_text()[index] & 0x00ff,
267 sw_out[y] & 0x00ff) << "Inconsistency at index " << index;
268 }
269 }
270
271 ASSERT_EQ(result.initialization_vector().size(), (size_t) AES_BLOCK_SIZE)
272 << "\n" << result.DebugString();
273 for (size_t x = 0; x < AES_BLOCK_SIZE; ++x) {
274 ASSERT_EQ(result.initialization_vector()[x] & 0x00ff, iv[x] & 0x00ff)
275 << "Inconsistency at index " << x;
276 }
277 }
278 }
279
TEST_F(NuggetOsTest,Trng)280 TEST_F(NuggetOsTest, Trng) {
281 // Have a bin for every possible byte value.
282 std::vector<size_t> counts(256, 0);
283
284 // Use most of the available space while leaving room for the transport
285 // header, escape sequences, etc.
286 const size_t request_size = 475;
287 const size_t repeats = 10;
288
289 TrngTest request;
290 request.set_number_of_bytes(request_size);
291
292 int verbosity = harness->getVerbosity();
293 for (size_t x = 0; x < repeats; ++x) {
294 ASSERT_NO_TH_ERROR(harness->SendOneofProto(
295 APImessageID::TESTING_API_CALL,
296 OneofTestParametersCase::kTrngTest,
297 request));
298 test_harness::raw_message msg;
299 ASSERT_NO_TH_ERROR(harness->GetData(&msg, 4096 * BYTE_TIME));
300 ASSERT_MSG_TYPE(msg, APImessageID::TESTING_API_RESPONSE);
301 ASSERT_SUBTYPE(msg, OneofTestResultsCase::kTrngTestResult);
302
303 TrngTestResult result;
304 ASSERT_TRUE(result.ParseFromArray(reinterpret_cast<char *>(msg.data + 2),
305 msg.data_len - 2));
306 ASSERT_EQ(result.random_bytes().size(), request_size);
307 for (const auto rand_byte : result.random_bytes()) {
308 ++counts[0x00ff & rand_byte];
309 }
310
311 // Print the first exchange only for debugging.
312 if (x == 0) {
313 harness->setVerbosity(harness->getVerbosity() - 1);
314 }
315 }
316 harness->setVerbosity(verbosity);
317
318 double kl_divergence = 0;
319 double ratio = (double) counts.size() / (repeats * request_size);
320 for (const auto count : counts) {
321 ASSERT_NE(count, 0u);
322 kl_divergence += count * log2(count * ratio);
323 }
324 kl_divergence *= ratio;
325 if (harness->getVerbosity() >= TestHarness::VerbosityLevels::INFO) {
326 cout << "K.L. Divergence: " << kl_divergence << "\n";
327 cout.flush();
328 }
329 ASSERT_LT(kl_divergence, 15.0);
330 }
331
332 } // namespace
333