1 /*
2 * Copyright (C) 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16 #include <algorithm>
17 #include <fstream>
18 #include <memory>
19
20 #include <gtest/gtest.h>
21 #include <openssl/engine.h>
22
23 #include <hardware/keymaster0.h>
24
25 #include <keymaster/android_keymaster.h>
26 #include <keymaster/android_keymaster_messages.h>
27 #include <keymaster/android_keymaster_utils.h>
28 #include <keymaster/keymaster_tags.h>
29 #include <keymaster/soft_keymaster_context.h>
30
31 #include <trusty_keymaster/legacy/trusty_keymaster_device.h>
32 #include "android_keymaster_test_utils.h"
33 #include "openssl_utils.h"
34
35 using std::ifstream;
36 using std::istreambuf_iterator;
37 using std::string;
38
39 static keymaster::AndroidKeymaster* impl_ = nullptr;
40
41 extern "C" {
42 int __android_log_print();
43 }
44
__android_log_print()45 int __android_log_print() {
46 return 0;
47 }
48
main(int argc,char ** argv)49 int main(int argc, char** argv) {
50 ::testing::InitGoogleTest(&argc, argv);
51 int result = RUN_ALL_TESTS();
52 // Clean up stuff OpenSSL leaves around, so Valgrind doesn't complain.
53 CRYPTO_cleanup_all_ex_data();
54 ERR_free_strings();
55 return result;
56 }
57
trusty_keymaster_connect()58 int trusty_keymaster_connect() {
59 impl_ = new keymaster::AndroidKeymaster(new keymaster::SoftKeymasterContext(nullptr), 16);
60 }
61
trusty_keymaster_disconnect()62 void trusty_keymaster_disconnect() {
63 delete static_cast<keymaster::AndroidKeymaster*>(priv_);
64 }
65
66 template <typename Req, typename Rsp>
fake_call(keymaster::AndroidKeymaster * device,void (keymaster::AndroidKeymaster::* method)(const Req &,Rsp *),void * in_buf,uint32_t in_size,void * out_buf,uint32_t * out_size)67 static int fake_call(keymaster::AndroidKeymaster* device,
68 void (keymaster::AndroidKeymaster::*method)(const Req&, Rsp*), void* in_buf,
69 uint32_t in_size, void* out_buf, uint32_t* out_size) {
70 Req req;
71 const uint8_t* in = static_cast<uint8_t*>(in_buf);
72 req.Deserialize(&in, in + in_size);
73 Rsp rsp;
74 (device->*method)(req, &rsp);
75
76 *out_size = rsp.SerializedSize();
77 uint8_t* out = static_cast<uint8_t*>(out_buf);
78 rsp.Serialize(out, out + *out_size);
79 return 0;
80 }
81
trusty_keymaster_call(uint32_t cmd,void * in_buf,uint32_t in_size,void * out_buf,uint32_t * out_size)82 int trusty_keymaster_call(uint32_t cmd, void* in_buf, uint32_t in_size, void* out_buf,
83 uint32_t* out_size) {
84 switch (cmd) {
85 case KM_GENERATE_KEY:
86 return fake_call(impl_, &keymaster::AndroidKeymaster::GenerateKey, in_buf, in_size,
87 out_buf, out_size);
88 case KM_BEGIN_OPERATION:
89 return fake_call(impl_, &keymaster::AndroidKeymaster::BeginOperation, in_buf, in_size,
90 out_buf, out_size);
91 case KM_UPDATE_OPERATION:
92 return fake_call(impl_, &keymaster::AndroidKeymaster::UpdateOperation, in_buf, in_size,
93 out_buf, out_size);
94 case KM_FINISH_OPERATION:
95 return fake_call(impl_, &keymaster::AndroidKeymaster::FinishOperation, in_buf, in_size,
96 out_buf, out_size);
97 case KM_IMPORT_KEY:
98 return fake_call(impl_, &keymaster::AndroidKeymaster::ImportKey, in_buf, in_size,
99 out_buf, out_size);
100 case KM_EXPORT_KEY:
101 return fake_call(impl_, &keymaster::AndroidKeymaster::ExportKey, in_buf, in_size,
102 out_buf, out_size);
103 }
104 return -EINVAL;
105 }
106
107 namespace keymaster {
108 namespace test {
109
110 class TrustyKeymasterTest : public testing::Test {
111 protected:
TrustyKeymasterTest()112 TrustyKeymasterTest() : device(NULL) {}
113
build_rsa_params()114 keymaster_rsa_keygen_params_t build_rsa_params() {
115 keymaster_rsa_keygen_params_t rsa_params;
116 rsa_params.public_exponent = 65537;
117 rsa_params.modulus_size = 2048;
118 return rsa_params;
119 }
120
build_message(size_t length)121 uint8_t* build_message(size_t length) {
122 uint8_t* msg = new uint8_t[length];
123 memset(msg, 'a', length);
124 return msg;
125 }
126
dsa_message_len(const keymaster_dsa_keygen_params_t & params)127 size_t dsa_message_len(const keymaster_dsa_keygen_params_t& params) {
128 switch (params.key_size) {
129 case 256:
130 case 1024:
131 return 48;
132 case 2048:
133 case 4096:
134 return 72;
135 default:
136 // Oops.
137 return 0;
138 }
139 }
140
141 TrustyKeymasterDevice device;
142 };
143
144 class Malloc_Delete {
145 public:
Malloc_Delete(void * p)146 Malloc_Delete(void* p) : p_(p) {}
~Malloc_Delete()147 ~Malloc_Delete() { free(p_); }
148
149 private:
150 void* p_;
151 };
152
153 typedef TrustyKeymasterTest KeyGenTest;
TEST_F(KeyGenTest,RsaSuccess)154 TEST_F(KeyGenTest, RsaSuccess) {
155 keymaster_rsa_keygen_params_t params = build_rsa_params();
156 uint8_t* ptr = NULL;
157 size_t size;
158 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size));
159 EXPECT_GT(size, 0U);
160 Malloc_Delete key_deleter(ptr);
161 }
162
TEST_F(KeyGenTest,EcdsaSuccess)163 TEST_F(KeyGenTest, EcdsaSuccess) {
164 keymaster_ec_keygen_params_t ec_params = {256};
165 uint8_t* ptr = NULL;
166 size_t size;
167 ASSERT_EQ(0, device.generate_keypair(TYPE_EC, &ec_params, &ptr, &size));
168 EXPECT_GT(size, 0U);
169 Malloc_Delete key_deleter(ptr);
170 }
171
172 typedef TrustyKeymasterTest SigningTest;
TEST_F(SigningTest,RsaSuccess)173 TEST_F(SigningTest, RsaSuccess) {
174 keymaster_rsa_keygen_params_t params = build_rsa_params();
175 uint8_t* ptr = NULL;
176 size_t size;
177 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size));
178 EXPECT_GT(size, 0U);
179 Malloc_Delete key_deleter(ptr);
180
181 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
182 size_t message_len = params.modulus_size / 8;
183 std::unique_ptr<uint8_t[]> message(build_message(message_len));
184 uint8_t* signature;
185 size_t siglen;
186 EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
187 &signature, &siglen));
188 Malloc_Delete sig_deleter(signature);
189 EXPECT_EQ(message_len, siglen);
190 }
191
TEST_F(SigningTest,RsaShortMessage)192 TEST_F(SigningTest, RsaShortMessage) {
193 keymaster_rsa_keygen_params_t params = build_rsa_params();
194 uint8_t* ptr = NULL;
195 size_t size;
196 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size));
197 EXPECT_GT(size, 0U);
198 Malloc_Delete key_deleter(ptr);
199
200 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
201 size_t message_len = params.modulus_size / 8 - 1;
202 std::unique_ptr<uint8_t[]> message(build_message(message_len));
203 uint8_t* signature;
204 size_t siglen;
205 EXPECT_EQ(KM_ERROR_UNKNOWN_ERROR, device.sign_data(&sig_params, ptr, size, message.get(),
206 message_len, &signature, &siglen));
207 }
208
TEST_F(SigningTest,RsaLongMessage)209 TEST_F(SigningTest, RsaLongMessage) {
210 keymaster_rsa_keygen_params_t params = build_rsa_params();
211 uint8_t* ptr = NULL;
212 size_t size;
213 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size));
214 EXPECT_GT(size, 0U);
215 Malloc_Delete key_deleter(ptr);
216
217 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
218 size_t message_len = params.modulus_size / 8 + 1;
219 std::unique_ptr<uint8_t[]> message(build_message(message_len));
220 uint8_t* signature;
221 size_t siglen;
222 EXPECT_EQ(KM_ERROR_UNKNOWN_ERROR, device.sign_data(&sig_params, ptr, size, message.get(),
223 message_len, &signature, &siglen));
224 }
225
TEST_F(SigningTest,EcdsaSuccess)226 TEST_F(SigningTest, EcdsaSuccess) {
227 keymaster_ec_keygen_params_t params = {256};
228 uint8_t* ptr = NULL;
229 size_t size;
230 ASSERT_EQ(0, device.generate_keypair(TYPE_EC, ¶ms, &ptr, &size));
231 EXPECT_GT(size, 0U);
232 Malloc_Delete key_deleter(ptr);
233
234 keymaster_ec_sign_params_t sig_params = {DIGEST_NONE};
235 uint8_t message[] = "12345678901234567890123456789012";
236 uint8_t* signature;
237 size_t siglen;
238 ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message,
239 array_size(message) - 1, &signature, &siglen));
240 Malloc_Delete sig_deleter(signature);
241 EXPECT_GT(siglen, 69U);
242 EXPECT_LT(siglen, 73U);
243 }
244
TEST_F(SigningTest,EcdsaEmptyMessageSuccess)245 TEST_F(SigningTest, EcdsaEmptyMessageSuccess) {
246 keymaster_ec_keygen_params_t params = {256};
247 uint8_t* ptr = NULL;
248 size_t size;
249 ASSERT_EQ(0, device.generate_keypair(TYPE_EC, ¶ms, &ptr, &size));
250 EXPECT_GT(size, 0U);
251 Malloc_Delete key_deleter(ptr);
252
253 keymaster_ec_sign_params_t sig_params = {DIGEST_NONE};
254 uint8_t message[] = "";
255 uint8_t* signature;
256 size_t siglen;
257 ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message,
258 array_size(message) - 1, &signature, &siglen));
259 Malloc_Delete sig_deleter(signature);
260 EXPECT_GT(siglen, 69U);
261 EXPECT_LT(siglen, 73U);
262 }
263
TEST_F(SigningTest,EcdsaLargeMessageSuccess)264 TEST_F(SigningTest, EcdsaLargeMessageSuccess) {
265 keymaster_ec_keygen_params_t params = {256};
266 uint8_t* ptr = NULL;
267 size_t size;
268 ASSERT_EQ(0, device.generate_keypair(TYPE_EC, ¶ms, &ptr, &size));
269 EXPECT_GT(size, 0U);
270 Malloc_Delete key_deleter(ptr);
271
272 keymaster_ec_sign_params_t sig_params = {DIGEST_NONE};
273 size_t message_len = 1024 * 7;
274 std::unique_ptr<uint8_t[]> message(new uint8_t[message_len]);
275 // contents of message don't matter.
276 uint8_t* signature;
277 size_t siglen;
278 ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
279 &signature, &siglen));
280 Malloc_Delete sig_deleter(signature);
281 EXPECT_GT(siglen, 69U);
282 EXPECT_LT(siglen, 73U);
283 }
284
285 typedef TrustyKeymasterTest VerificationTest;
TEST_F(VerificationTest,RsaSuccess)286 TEST_F(VerificationTest, RsaSuccess) {
287 keymaster_rsa_keygen_params_t params = build_rsa_params();
288 uint8_t* ptr = NULL;
289 size_t size;
290 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size));
291 EXPECT_GT(size, 0U);
292 Malloc_Delete key_deleter(ptr);
293
294 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
295 size_t message_len = params.modulus_size / 8;
296 std::unique_ptr<uint8_t[]> message(build_message(message_len));
297 uint8_t* signature;
298 size_t siglen;
299 EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
300 &signature, &siglen));
301 Malloc_Delete sig_deleter(signature);
302
303 EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, ptr, size, message.get(), message_len,
304 signature, siglen));
305 }
306
TEST_F(VerificationTest,RsaBadSignature)307 TEST_F(VerificationTest, RsaBadSignature) {
308 keymaster_rsa_keygen_params_t params = build_rsa_params();
309 uint8_t* ptr = NULL;
310 size_t size;
311 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size));
312 EXPECT_GT(size, 0U);
313 Malloc_Delete key_deleter(ptr);
314
315 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
316 size_t message_len = params.modulus_size / 8;
317 std::unique_ptr<uint8_t[]> message(build_message(message_len));
318 uint8_t* signature;
319 size_t siglen;
320 EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
321 &signature, &siglen));
322
323 Malloc_Delete sig_deleter(signature);
324 signature[siglen / 2]++;
325 EXPECT_EQ(KM_ERROR_VERIFICATION_FAILED,
326 device.verify_data(&sig_params, ptr, size, message.get(), message_len, signature,
327 siglen));
328 }
329
TEST_F(VerificationTest,RsaBadMessage)330 TEST_F(VerificationTest, RsaBadMessage) {
331 keymaster_rsa_keygen_params_t params = build_rsa_params();
332 uint8_t* ptr = NULL;
333 size_t size;
334 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size));
335 EXPECT_GT(size, 0U);
336 Malloc_Delete key_deleter(ptr);
337
338 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
339 size_t message_len = params.modulus_size / 8;
340 std::unique_ptr<uint8_t[]> message(build_message(message_len));
341 uint8_t* signature;
342 size_t siglen;
343 EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
344 &signature, &siglen));
345 Malloc_Delete sig_deleter(signature);
346 message[0]++;
347 EXPECT_EQ(KM_ERROR_VERIFICATION_FAILED,
348 device.verify_data(&sig_params, ptr, size, message.get(), message_len, signature,
349 siglen));
350 }
351
TEST_F(VerificationTest,RsaShortMessage)352 TEST_F(VerificationTest, RsaShortMessage) {
353 keymaster_rsa_keygen_params_t params = build_rsa_params();
354 uint8_t* ptr = NULL;
355 size_t size;
356 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size));
357 EXPECT_GT(size, 0U);
358 Malloc_Delete key_deleter(ptr);
359
360 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
361 size_t message_len = params.modulus_size / 8;
362 std::unique_ptr<uint8_t[]> message(build_message(message_len));
363 uint8_t* signature;
364 size_t siglen;
365 EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
366 &signature, &siglen));
367
368 Malloc_Delete sig_deleter(signature);
369 EXPECT_EQ(KM_ERROR_INVALID_INPUT_LENGTH,
370 device.verify_data(&sig_params, ptr, size, message.get(), message_len - 1, signature,
371 siglen));
372 }
373
TEST_F(VerificationTest,RsaLongMessage)374 TEST_F(VerificationTest, RsaLongMessage) {
375 keymaster_rsa_keygen_params_t params = build_rsa_params();
376 uint8_t* ptr = NULL;
377 size_t size;
378 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size));
379 EXPECT_GT(size, 0U);
380 Malloc_Delete key_deleter(ptr);
381
382 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
383 size_t message_len = params.modulus_size / 8;
384 std::unique_ptr<uint8_t[]> message(build_message(message_len + 1));
385 uint8_t* signature;
386 size_t siglen;
387 EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
388 &signature, &siglen));
389 Malloc_Delete sig_deleter(signature);
390 EXPECT_EQ(KM_ERROR_INVALID_INPUT_LENGTH,
391 device.verify_data(&sig_params, ptr, size, message.get(), message_len + 1, signature,
392 siglen));
393 }
394
TEST_F(VerificationTest,EcdsaSuccess)395 TEST_F(VerificationTest, EcdsaSuccess) {
396 keymaster_ec_keygen_params_t params = {256};
397 uint8_t* ptr = NULL;
398 size_t size;
399 ASSERT_EQ(0, device.generate_keypair(TYPE_EC, ¶ms, &ptr, &size));
400 EXPECT_GT(size, 0U);
401 Malloc_Delete key_deleter(ptr);
402
403 keymaster_ec_sign_params_t sig_params = {DIGEST_NONE};
404 uint8_t message[] = "12345678901234567890123456789012";
405 uint8_t* signature;
406 size_t siglen;
407 ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message,
408 array_size(message) - 1, &signature, &siglen));
409 Malloc_Delete sig_deleter(signature);
410 EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, ptr, size, message,
411 array_size(message) - 1, signature, siglen));
412 }
413
TEST_F(VerificationTest,EcdsaLargeMessageSuccess)414 TEST_F(VerificationTest, EcdsaLargeMessageSuccess) {
415 keymaster_ec_keygen_params_t params = {256};
416 uint8_t* ptr = NULL;
417 size_t size;
418 ASSERT_EQ(0, device.generate_keypair(TYPE_EC, ¶ms, &ptr, &size));
419 EXPECT_GT(size, 0U);
420 Malloc_Delete key_deleter(ptr);
421
422 keymaster_ec_sign_params_t sig_params = {DIGEST_NONE};
423 size_t message_len = 1024 * 7;
424 std::unique_ptr<uint8_t[]> message(new uint8_t[message_len]);
425 // contents of message don't matter.
426 uint8_t* signature;
427 size_t siglen;
428 ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
429 &signature, &siglen));
430 Malloc_Delete sig_deleter(signature);
431 EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, ptr, size, message.get(), message_len,
432 signature, siglen));
433 }
434
read_file(const string & file_name)435 static string read_file(const string& file_name) {
436 ifstream file_stream(file_name, std::ios::binary);
437 istreambuf_iterator<char> file_begin(file_stream);
438 istreambuf_iterator<char> file_end;
439 return string(file_begin, file_end);
440 }
441
442 typedef TrustyKeymasterTest ImportKeyTest;
TEST_F(ImportKeyTest,RsaSuccess)443 TEST_F(ImportKeyTest, RsaSuccess) {
444 string pk8_key = read_file("../../../../system/keymaster/rsa_privkey_pk8.der");
445 ASSERT_EQ(633U, pk8_key.size());
446
447 uint8_t* key = NULL;
448 size_t size;
449 ASSERT_EQ(KM_ERROR_OK, device.import_keypair(reinterpret_cast<const uint8_t*>(pk8_key.data()),
450 pk8_key.size(), &key, &size));
451 Malloc_Delete key_deleter(key);
452
453 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
454 size_t message_size = 1024 /* key size */ / 8;
455 std::unique_ptr<uint8_t[]> message(new uint8_t[message_size]);
456 memset(message.get(), 'a', message_size);
457 uint8_t* signature;
458 size_t siglen;
459 ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, key, size, message.get(), message_size,
460 &signature, &siglen));
461 Malloc_Delete sig_deleter(signature);
462 EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, key, size, message.get(), message_size,
463 signature, siglen));
464 }
465
TEST_F(ImportKeyTest,EcdsaSuccess)466 TEST_F(ImportKeyTest, EcdsaSuccess) {
467 string pk8_key = read_file("../../../../system/keymaster/ec_privkey_pk8.der");
468 ASSERT_EQ(138U, pk8_key.size());
469
470 uint8_t* key = NULL;
471 size_t size;
472 ASSERT_EQ(KM_ERROR_OK, device.import_keypair(reinterpret_cast<const uint8_t*>(pk8_key.data()),
473 pk8_key.size(), &key, &size));
474 Malloc_Delete key_deleter(key);
475
476 keymaster_ec_sign_params_t sig_params = {DIGEST_NONE};
477 uint8_t message[] = "12345678901234567890123456789012";
478 uint8_t* signature;
479 size_t siglen;
480 ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, key, size, message,
481 array_size(message) - 1, &signature, &siglen));
482 Malloc_Delete sig_deleter(signature);
483 EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, key, size, message,
484 array_size(message) - 1, signature, siglen));
485 }
486
487 struct EVP_PKEY_CTX_Delete {
operator ()keymaster::test::EVP_PKEY_CTX_Delete488 void operator()(EVP_PKEY_CTX* p) { EVP_PKEY_CTX_free(p); }
489 };
490
VerifySignature(const uint8_t * key,size_t key_len,const uint8_t * signature,size_t signature_len,const uint8_t * message,size_t message_len)491 static void VerifySignature(const uint8_t* key, size_t key_len, const uint8_t* signature,
492 size_t signature_len, const uint8_t* message, size_t message_len) {
493 std::unique_ptr<EVP_PKEY, EVP_PKEY_Delete> pkey(d2i_PUBKEY(NULL, &key, key_len));
494 ASSERT_TRUE(pkey.get() != NULL);
495 std::unique_ptr<EVP_PKEY_CTX, EVP_PKEY_CTX_Delete> ctx(EVP_PKEY_CTX_new(pkey.get(), NULL));
496 ASSERT_TRUE(ctx.get() != NULL);
497 ASSERT_EQ(1, EVP_PKEY_verify_init(ctx.get()));
498 if (EVP_PKEY_type(pkey->type) == EVP_PKEY_RSA)
499 ASSERT_EQ(1, EVP_PKEY_CTX_set_rsa_padding(ctx.get(), RSA_NO_PADDING));
500 EXPECT_EQ(1, EVP_PKEY_verify(ctx.get(), signature, signature_len, message, message_len));
501 }
502
503 typedef TrustyKeymasterTest ExportKeyTest;
TEST_F(ExportKeyTest,RsaSuccess)504 TEST_F(ExportKeyTest, RsaSuccess) {
505 keymaster_rsa_keygen_params_t params = build_rsa_params();
506 uint8_t* ptr = NULL;
507 size_t size;
508 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size));
509 EXPECT_GT(size, 0U);
510 Malloc_Delete key_deleter(ptr);
511
512 uint8_t* exported;
513 size_t exported_size;
514 EXPECT_EQ(KM_ERROR_OK, device.get_keypair_public(ptr, size, &exported, &exported_size));
515 Malloc_Delete exported_deleter(exported);
516
517 // Sign a message so we can verify it with the exported pubkey.
518 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
519 size_t message_len = params.modulus_size / 8;
520 std::unique_ptr<uint8_t[]> message(build_message(message_len));
521 uint8_t* signature;
522 size_t siglen;
523 EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
524 &signature, &siglen));
525 Malloc_Delete sig_deleter(signature);
526 EXPECT_EQ(message_len, siglen);
527 const uint8_t* tmp = exported;
528
529 VerifySignature(exported, exported_size, signature, siglen, message.get(), message_len);
530 }
531
532 typedef TrustyKeymasterTest ExportKeyTest;
TEST_F(ExportKeyTest,EcdsaSuccess)533 TEST_F(ExportKeyTest, EcdsaSuccess) {
534 keymaster_ec_keygen_params_t params = {256};
535 uint8_t* key = NULL;
536 size_t size;
537 ASSERT_EQ(0, device.generate_keypair(TYPE_EC, ¶ms, &key, &size));
538 EXPECT_GT(size, 0U);
539 Malloc_Delete key_deleter(key);
540
541 uint8_t* exported;
542 size_t exported_size;
543 EXPECT_EQ(KM_ERROR_OK, device.get_keypair_public(key, size, &exported, &exported_size));
544 Malloc_Delete exported_deleter(exported);
545
546 // Sign a message so we can verify it with the exported pubkey.
547 keymaster_ec_sign_params_t sig_params = {DIGEST_NONE};
548 uint8_t message[] = "12345678901234567890123456789012";
549 uint8_t* signature;
550 size_t siglen;
551 ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, key, size, message,
552 array_size(message) - 1, &signature, &siglen));
553 Malloc_Delete sig_deleter(signature);
554 EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, key, size, message,
555 array_size(message) - 1, signature, siglen));
556
557 VerifySignature(exported, exported_size, signature, siglen, message, array_size(message) - 1);
558 }
559
560 } // namespace test
561 } // namespace keymaster
562