1 /*
2 * Copyright 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <keymaster/keymaster_configuration.h>
18
19 #include <stdio.h>
20 #include <memory>
21
22 #include <openssl/evp.h>
23 #include <openssl/x509.h>
24
25 #include <trusty_keymaster/legacy/trusty_keymaster_device.h>
26
27 using keymaster::TrustyKeymasterDevice;
28
29 unsigned char rsa_privkey_pk8_der[] = {
30 0x30, 0x82, 0x02, 0x75, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
31 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82, 0x02, 0x5f, 0x30, 0x82, 0x02, 0x5b,
32 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xc6, 0x09, 0x54, 0x09, 0x04, 0x7d, 0x86, 0x34,
33 0x81, 0x2d, 0x5a, 0x21, 0x81, 0x76, 0xe4, 0x5c, 0x41, 0xd6, 0x0a, 0x75, 0xb1, 0x39, 0x01,
34 0xf2, 0x34, 0x22, 0x6c, 0xff, 0xe7, 0x76, 0x52, 0x1c, 0x5a, 0x77, 0xb9, 0xe3, 0x89, 0x41,
35 0x7b, 0x71, 0xc0, 0xb6, 0xa4, 0x4d, 0x13, 0xaf, 0xe4, 0xe4, 0xa2, 0x80, 0x5d, 0x46, 0xc9,
36 0xda, 0x29, 0x35, 0xad, 0xb1, 0xff, 0x0c, 0x1f, 0x24, 0xea, 0x06, 0xe6, 0x2b, 0x20, 0xd7,
37 0x76, 0x43, 0x0a, 0x4d, 0x43, 0x51, 0x57, 0x23, 0x3c, 0x6f, 0x91, 0x67, 0x83, 0xc3, 0x0e,
38 0x31, 0x0f, 0xcb, 0xd8, 0x9b, 0x85, 0xc2, 0xd5, 0x67, 0x71, 0x16, 0x97, 0x85, 0xac, 0x12,
39 0xbc, 0xa2, 0x44, 0xab, 0xda, 0x72, 0xbf, 0xb1, 0x9f, 0xc4, 0x4d, 0x27, 0xc8, 0x1e, 0x1d,
40 0x92, 0xde, 0x28, 0x4f, 0x40, 0x61, 0xed, 0xfd, 0x99, 0x28, 0x07, 0x45, 0xea, 0x6d, 0x25,
41 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x81, 0x80, 0x1b, 0xe0, 0xf0, 0x4d, 0x9c, 0xae, 0x37,
42 0x18, 0x69, 0x1f, 0x03, 0x53, 0x38, 0x30, 0x8e, 0x91, 0x56, 0x4b, 0x55, 0x89, 0x9f, 0xfb,
43 0x50, 0x84, 0xd2, 0x46, 0x0e, 0x66, 0x30, 0x25, 0x7e, 0x05, 0xb3, 0xce, 0xab, 0x02, 0x97,
44 0x2d, 0xfa, 0xbc, 0xd6, 0xce, 0x5f, 0x6e, 0xe2, 0x58, 0x9e, 0xb6, 0x79, 0x11, 0xed, 0x0f,
45 0xac, 0x16, 0xe4, 0x3a, 0x44, 0x4b, 0x8c, 0x86, 0x1e, 0x54, 0x4a, 0x05, 0x93, 0x36, 0x57,
46 0x72, 0xf8, 0xba, 0xf6, 0xb2, 0x2f, 0xc9, 0xe3, 0xc5, 0xf1, 0x02, 0x4b, 0x06, 0x3a, 0xc0,
47 0x80, 0xa7, 0xb2, 0x23, 0x4c, 0xf8, 0xae, 0xe8, 0xf6, 0xc4, 0x7b, 0xbf, 0x4f, 0xd3, 0xac,
48 0xe7, 0x24, 0x02, 0x90, 0xbe, 0xf1, 0x6c, 0x0b, 0x3f, 0x7f, 0x3c, 0xdd, 0x64, 0xce, 0x3a,
49 0xb5, 0x91, 0x2c, 0xf6, 0xe3, 0x2f, 0x39, 0xab, 0x18, 0x83, 0x58, 0xaf, 0xcc, 0xcd, 0x80,
50 0x81, 0x02, 0x41, 0x00, 0xe4, 0xb4, 0x9e, 0xf5, 0x0f, 0x76, 0x5d, 0x3b, 0x24, 0xdd, 0xe0,
51 0x1a, 0xce, 0xaa, 0xf1, 0x30, 0xf2, 0xc7, 0x66, 0x70, 0xa9, 0x1a, 0x61, 0xae, 0x08, 0xaf,
52 0x49, 0x7b, 0x4a, 0x82, 0xbe, 0x6d, 0xee, 0x8f, 0xcd, 0xd5, 0xe3, 0xf7, 0xba, 0x1c, 0xfb,
53 0x1f, 0x0c, 0x92, 0x6b, 0x88, 0xf8, 0x8c, 0x92, 0xbf, 0xab, 0x13, 0x7f, 0xba, 0x22, 0x85,
54 0x22, 0x7b, 0x83, 0xc3, 0x42, 0xff, 0x7c, 0x55, 0x02, 0x41, 0x00, 0xdd, 0xab, 0xb5, 0x83,
55 0x9c, 0x4c, 0x7f, 0x6b, 0xf3, 0xd4, 0x18, 0x32, 0x31, 0xf0, 0x05, 0xb3, 0x1a, 0xa5, 0x8a,
56 0xff, 0xdd, 0xa5, 0xc7, 0x9e, 0x4c, 0xce, 0x21, 0x7f, 0x6b, 0xc9, 0x30, 0xdb, 0xe5, 0x63,
57 0xd4, 0x80, 0x70, 0x6c, 0x24, 0xe9, 0xeb, 0xfc, 0xab, 0x28, 0xa6, 0xcd, 0xef, 0xd3, 0x24,
58 0xb7, 0x7e, 0x1b, 0xf7, 0x25, 0x1b, 0x70, 0x90, 0x92, 0xc2, 0x4f, 0xf5, 0x01, 0xfd, 0x91,
59 0x02, 0x40, 0x23, 0xd4, 0x34, 0x0e, 0xda, 0x34, 0x45, 0xd8, 0xcd, 0x26, 0xc1, 0x44, 0x11,
60 0xda, 0x6f, 0xdc, 0xa6, 0x3c, 0x1c, 0xcd, 0x4b, 0x80, 0xa9, 0x8a, 0xd5, 0x2b, 0x78, 0xcc,
61 0x8a, 0xd8, 0xbe, 0xb2, 0x84, 0x2c, 0x1d, 0x28, 0x04, 0x05, 0xbc, 0x2f, 0x6c, 0x1b, 0xea,
62 0x21, 0x4a, 0x1d, 0x74, 0x2a, 0xb9, 0x96, 0xb3, 0x5b, 0x63, 0xa8, 0x2a, 0x5e, 0x47, 0x0f,
63 0xa8, 0x8d, 0xbf, 0x82, 0x3c, 0xdd, 0x02, 0x40, 0x1b, 0x7b, 0x57, 0x44, 0x9a, 0xd3, 0x0d,
64 0x15, 0x18, 0x24, 0x9a, 0x5f, 0x56, 0xbb, 0x98, 0x29, 0x4d, 0x4b, 0x6a, 0xc1, 0x2f, 0xfc,
65 0x86, 0x94, 0x04, 0x97, 0xa5, 0xa5, 0x83, 0x7a, 0x6c, 0xf9, 0x46, 0x26, 0x2b, 0x49, 0x45,
66 0x26, 0xd3, 0x28, 0xc1, 0x1e, 0x11, 0x26, 0x38, 0x0f, 0xde, 0x04, 0xc2, 0x4f, 0x91, 0x6d,
67 0xec, 0x25, 0x08, 0x92, 0xdb, 0x09, 0xa6, 0xd7, 0x7c, 0xdb, 0xa3, 0x51, 0x02, 0x40, 0x77,
68 0x62, 0xcd, 0x8f, 0x4d, 0x05, 0x0d, 0xa5, 0x6b, 0xd5, 0x91, 0xad, 0xb5, 0x15, 0xd2, 0x4d,
69 0x7c, 0xcd, 0x32, 0xcc, 0xa0, 0xd0, 0x5f, 0x86, 0x6d, 0x58, 0x35, 0x14, 0xbd, 0x73, 0x24,
70 0xd5, 0xf3, 0x36, 0x45, 0xe8, 0xed, 0x8b, 0x4a, 0x1c, 0xb3, 0xcc, 0x4a, 0x1d, 0x67, 0x98,
71 0x73, 0x99, 0xf2, 0xa0, 0x9f, 0x5b, 0x3f, 0xb6, 0x8c, 0x88, 0xd5, 0xe5, 0xd9, 0x0a, 0xc3,
72 0x34, 0x92, 0xd6};
73 unsigned int rsa_privkey_pk8_der_len = 633;
74
75 unsigned char dsa_privkey_pk8_der[] = {
76 0x30, 0x82, 0x01, 0x4b, 0x02, 0x01, 0x00, 0x30, 0x82, 0x01, 0x2b, 0x06, 0x07, 0x2a, 0x86,
77 0x48, 0xce, 0x38, 0x04, 0x01, 0x30, 0x82, 0x01, 0x1e, 0x02, 0x81, 0x81, 0x00, 0xa3, 0xf3,
78 0xe9, 0xb6, 0x7e, 0x7d, 0x88, 0xf6, 0xb7, 0xe5, 0xf5, 0x1f, 0x3b, 0xee, 0xac, 0xd7, 0xad,
79 0xbc, 0xc9, 0xd1, 0x5a, 0xf8, 0x88, 0xc4, 0xef, 0x6e, 0x3d, 0x74, 0x19, 0x74, 0xe7, 0xd8,
80 0xe0, 0x26, 0x44, 0x19, 0x86, 0xaf, 0x19, 0xdb, 0x05, 0xe9, 0x3b, 0x8b, 0x58, 0x58, 0xde,
81 0xe5, 0x4f, 0x48, 0x15, 0x01, 0xea, 0xe6, 0x83, 0x52, 0xd7, 0xc1, 0x21, 0xdf, 0xb9, 0xb8,
82 0x07, 0x66, 0x50, 0xfb, 0x3a, 0x0c, 0xb3, 0x85, 0xee, 0xbb, 0x04, 0x5f, 0xc2, 0x6d, 0x6d,
83 0x95, 0xfa, 0x11, 0x93, 0x1e, 0x59, 0x5b, 0xb1, 0x45, 0x8d, 0xe0, 0x3d, 0x73, 0xaa, 0xf2,
84 0x41, 0x14, 0x51, 0x07, 0x72, 0x3d, 0xa2, 0xf7, 0x58, 0xcd, 0x11, 0xa1, 0x32, 0xcf, 0xda,
85 0x42, 0xb7, 0xcc, 0x32, 0x80, 0xdb, 0x87, 0x82, 0xec, 0x42, 0xdb, 0x5a, 0x55, 0x24, 0x24,
86 0xa2, 0xd1, 0x55, 0x29, 0xad, 0xeb, 0x02, 0x15, 0x00, 0xeb, 0xea, 0x17, 0xd2, 0x09, 0xb3,
87 0xd7, 0x21, 0x9a, 0x21, 0x07, 0x82, 0x8f, 0xab, 0xfe, 0x88, 0x71, 0x68, 0xf7, 0xe3, 0x02,
88 0x81, 0x80, 0x19, 0x1c, 0x71, 0xfd, 0xe0, 0x03, 0x0c, 0x43, 0xd9, 0x0b, 0xf6, 0xcd, 0xd6,
89 0xa9, 0x70, 0xe7, 0x37, 0x86, 0x3a, 0x78, 0xe9, 0xa7, 0x47, 0xa7, 0x47, 0x06, 0x88, 0xb1,
90 0xaf, 0xd7, 0xf3, 0xf1, 0xa1, 0xd7, 0x00, 0x61, 0x28, 0x88, 0x31, 0x48, 0x60, 0xd8, 0x11,
91 0xef, 0xa5, 0x24, 0x1a, 0x81, 0xc4, 0x2a, 0xe2, 0xea, 0x0e, 0x36, 0xd2, 0xd2, 0x05, 0x84,
92 0x37, 0xcf, 0x32, 0x7d, 0x09, 0xe6, 0x0f, 0x8b, 0x0c, 0xc8, 0xc2, 0xa4, 0xb1, 0xdc, 0x80,
93 0xca, 0x68, 0xdf, 0xaf, 0xd2, 0x90, 0xc0, 0x37, 0x58, 0x54, 0x36, 0x8f, 0x49, 0xb8, 0x62,
94 0x75, 0x8b, 0x48, 0x47, 0xc0, 0xbe, 0xf7, 0x9a, 0x92, 0xa6, 0x68, 0x05, 0xda, 0x9d, 0xaf,
95 0x72, 0x9a, 0x67, 0xb3, 0xb4, 0x14, 0x03, 0xae, 0x4f, 0x4c, 0x76, 0xb9, 0xd8, 0x64, 0x0a,
96 0xba, 0x3b, 0xa8, 0x00, 0x60, 0x4d, 0xae, 0x81, 0xc3, 0xc5, 0x04, 0x17, 0x02, 0x15, 0x00,
97 0x81, 0x9d, 0xfd, 0x53, 0x0c, 0xc1, 0x8f, 0xbe, 0x8b, 0xea, 0x00, 0x26, 0x19, 0x29, 0x33,
98 0x91, 0x84, 0xbe, 0xad, 0x81};
99 unsigned int dsa_privkey_pk8_der_len = 335;
100
101 unsigned char ec_privkey_pk8_der[] = {
102 0x30, 0x81, 0x87, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce,
103 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x04,
104 0x6d, 0x30, 0x6b, 0x02, 0x01, 0x01, 0x04, 0x20, 0x73, 0x7c, 0x2e, 0xcd, 0x7b, 0x8d,
105 0x19, 0x40, 0xbf, 0x29, 0x30, 0xaa, 0x9b, 0x4e, 0xd3, 0xff, 0x94, 0x1e, 0xed, 0x09,
106 0x36, 0x6b, 0xc0, 0x32, 0x99, 0x98, 0x64, 0x81, 0xf3, 0xa4, 0xd8, 0x59, 0xa1, 0x44,
107 0x03, 0x42, 0x00, 0x04, 0xbf, 0x85, 0xd7, 0x72, 0x0d, 0x07, 0xc2, 0x54, 0x61, 0x68,
108 0x3b, 0xc6, 0x48, 0xb4, 0x77, 0x8a, 0x9a, 0x14, 0xdd, 0x8a, 0x02, 0x4e, 0x3b, 0xdd,
109 0x8c, 0x7d, 0xdd, 0x9a, 0xb2, 0xb5, 0x28, 0xbb, 0xc7, 0xaa, 0x1b, 0x51, 0xf1, 0x4e,
110 0xbb, 0xbb, 0x0b, 0xd0, 0xce, 0x21, 0xbc, 0xc4, 0x1c, 0x6e, 0xb0, 0x00, 0x83, 0xcf,
111 0x33, 0x76, 0xd1, 0x1f, 0xd4, 0x49, 0x49, 0xe0, 0xb2, 0x18, 0x3b, 0xfe};
112 unsigned int ec_privkey_pk8_der_len = 138;
113
114 keymaster_key_param_t ec_params[] = {
115 keymaster_param_enum(KM_TAG_ALGORITHM, KM_ALGORITHM_EC),
116 keymaster_param_long(KM_TAG_EC_CURVE, KM_EC_CURVE_P_521),
117 keymaster_param_enum(KM_TAG_PURPOSE, KM_PURPOSE_SIGN),
118 keymaster_param_enum(KM_TAG_PURPOSE, KM_PURPOSE_VERIFY),
119 keymaster_param_enum(KM_TAG_DIGEST, KM_DIGEST_NONE),
120 keymaster_param_bool(KM_TAG_NO_AUTH_REQUIRED),
121 };
122 keymaster_key_param_set_t ec_param_set = {ec_params, sizeof(ec_params) / sizeof(*ec_params)};
123
124 keymaster_key_param_t rsa_params[] = {
125 keymaster_param_enum(KM_TAG_ALGORITHM, KM_ALGORITHM_RSA),
126 keymaster_param_int(KM_TAG_KEY_SIZE, 1024),
127 keymaster_param_long(KM_TAG_RSA_PUBLIC_EXPONENT, 65537),
128 keymaster_param_enum(KM_TAG_PURPOSE, KM_PURPOSE_SIGN),
129 keymaster_param_enum(KM_TAG_PURPOSE, KM_PURPOSE_VERIFY),
130 keymaster_param_enum(KM_TAG_PADDING, KM_PAD_NONE),
131 keymaster_param_enum(KM_TAG_DIGEST, KM_DIGEST_NONE),
132 keymaster_param_bool(KM_TAG_NO_AUTH_REQUIRED),
133 };
134 keymaster_key_param_set_t rsa_param_set = {rsa_params, sizeof(rsa_params) / sizeof(*rsa_params)};
135
136 struct EVP_PKEY_Delete {
operator ()EVP_PKEY_Delete137 void operator()(EVP_PKEY* p) const { EVP_PKEY_free(p); }
138 };
139
140 struct EVP_PKEY_CTX_Delete {
operator ()EVP_PKEY_CTX_Delete141 void operator()(EVP_PKEY_CTX* p) { EVP_PKEY_CTX_free(p); }
142 };
143
do_operation(TrustyKeymasterDevice * device,keymaster_purpose_t purpose,keymaster_key_blob_t * key,keymaster_blob_t * input,keymaster_blob_t * signature,keymaster_blob_t * output)144 static bool do_operation(TrustyKeymasterDevice* device, keymaster_purpose_t purpose,
145 keymaster_key_blob_t* key, keymaster_blob_t* input,
146 keymaster_blob_t* signature, keymaster_blob_t* output) {
147 keymaster_key_param_t params[] = {
148 keymaster_param_enum(KM_TAG_PADDING, KM_PAD_NONE),
149 keymaster_param_enum(KM_TAG_DIGEST, KM_DIGEST_NONE),
150 };
151 keymaster_key_param_set_t param_set = {params, sizeof(params) / sizeof(*params)};
152 keymaster_operation_handle_t op_handle;
153 keymaster_error_t error = device->begin(purpose, key, ¶m_set, nullptr, &op_handle);
154 if (error != KM_ERROR_OK) {
155 printf("Keymaster begin() failed: %d\n", error);
156 return false;
157 }
158 size_t input_consumed;
159 error = device->update(op_handle, nullptr, input, &input_consumed, nullptr, nullptr);
160 if (error != KM_ERROR_OK) {
161 printf("Keymaster update() failed: %d\n", error);
162 return false;
163 }
164 if (input_consumed != input->data_length) {
165 // This should never happen. If it does, it's a bug in the keymaster implementation.
166 printf("Keymaster update() did not consume all data.\n");
167 device->abort(op_handle);
168 return false;
169 }
170 error = device->finish(op_handle, nullptr, nullptr, signature, nullptr, output);
171 if (error != KM_ERROR_OK) {
172 printf("Keymaster finish() failed: %d\n", error);
173 return false;
174 }
175 return true;
176 }
177
test_import_rsa(TrustyKeymasterDevice * device)178 static bool test_import_rsa(TrustyKeymasterDevice* device) {
179 printf("===================\n");
180 printf("= RSA Import Test =\n");
181 printf("===================\n\n");
182
183 printf("=== Importing RSA keypair === \n");
184 keymaster_key_blob_t key;
185 keymaster_blob_t private_key = {rsa_privkey_pk8_der, rsa_privkey_pk8_der_len};
186 int error =
187 device->import_key(&rsa_param_set, KM_KEY_FORMAT_PKCS8, &private_key, &key, nullptr);
188 if (error != KM_ERROR_OK) {
189 printf("Error importing RSA key: %d\n\n", error);
190 return false;
191 }
192 std::unique_ptr<const uint8_t[]> key_deleter(key.key_material);
193
194 printf("=== Signing with imported RSA key ===\n");
195 size_t message_len = 1024 / 8;
196 std::unique_ptr<uint8_t[]> message(new uint8_t[message_len]);
197 memset(message.get(), 'a', message_len);
198 keymaster_blob_t input = {message.get(), message_len}, signature;
199
200 if (!do_operation(device, KM_PURPOSE_SIGN, &key, &input, nullptr, &signature)) {
201 printf("Error signing data with imported RSA key\n\n");
202 return false;
203 }
204 std::unique_ptr<const uint8_t[]> signature_deleter(signature.data);
205
206 printf("=== Verifying with imported RSA key === \n");
207 if (!do_operation(device, KM_PURPOSE_VERIFY, &key, &input, &signature, nullptr)) {
208 printf("Error verifying data with imported RSA key\n\n");
209 return false;
210 }
211
212 printf("\n");
213 return true;
214 }
215
test_rsa(TrustyKeymasterDevice * device)216 static bool test_rsa(TrustyKeymasterDevice* device) {
217 printf("============\n");
218 printf("= RSA Test =\n");
219 printf("============\n\n");
220
221 printf("=== Generating RSA key pair ===\n");
222 keymaster_key_blob_t key;
223 int error = device->generate_key(&rsa_param_set, &key, nullptr);
224 if (error != KM_ERROR_OK) {
225 printf("Error generating RSA key pair: %d\n\n", error);
226 return false;
227 }
228 std::unique_ptr<const uint8_t[]> key_deleter(key.key_material);
229
230 printf("=== Signing with RSA key === \n");
231 size_t message_len = 1024 / 8;
232 std::unique_ptr<uint8_t[]> message(new uint8_t[message_len]);
233 memset(message.get(), 'a', message_len);
234 keymaster_blob_t input = {message.get(), message_len}, signature;
235
236 if (!do_operation(device, KM_PURPOSE_SIGN, &key, &input, nullptr, &signature)) {
237 printf("Error signing data with RSA key\n\n");
238 return false;
239 }
240 std::unique_ptr<const uint8_t[]> signature_deleter(signature.data);
241
242 printf("=== Verifying with RSA key === \n");
243 if (!do_operation(device, KM_PURPOSE_VERIFY, &key, &input, &signature, nullptr)) {
244 printf("Error verifying data with RSA key\n\n");
245 return false;
246 }
247
248 printf("=== Exporting RSA public key ===\n");
249 keymaster_blob_t exported_key;
250 error = device->export_key(KM_KEY_FORMAT_X509, &key, nullptr, nullptr, &exported_key);
251 if (error != KM_ERROR_OK) {
252 printf("Error exporting RSA public key: %d\n\n", error);
253 return false;
254 }
255
256 printf("=== Verifying with exported key ===\n");
257 const uint8_t* tmp = exported_key.data;
258 std::unique_ptr<EVP_PKEY, EVP_PKEY_Delete> pkey(
259 d2i_PUBKEY(NULL, &tmp, exported_key.data_length));
260 std::unique_ptr<EVP_PKEY_CTX, EVP_PKEY_CTX_Delete> ctx(EVP_PKEY_CTX_new(pkey.get(), NULL));
261 if (EVP_PKEY_verify_init(ctx.get()) != 1) {
262 printf("Error initializing openss EVP context\n\n");
263 return false;
264 }
265 if (EVP_PKEY_type(pkey->type) != EVP_PKEY_RSA) {
266 printf("Exported key was the wrong type?!?\n\n");
267 return false;
268 }
269
270 EVP_PKEY_CTX_set_rsa_padding(ctx.get(), RSA_NO_PADDING);
271 if (EVP_PKEY_verify(ctx.get(), signature.data, signature.data_length, message.get(),
272 message_len) != 1) {
273 printf("Verification with exported pubkey failed.\n\n");
274 return false;
275 } else {
276 printf("Verification succeeded\n");
277 }
278
279 printf("\n");
280 return true;
281 }
282
test_import_ecdsa(TrustyKeymasterDevice * device)283 static bool test_import_ecdsa(TrustyKeymasterDevice* device) {
284 printf("=====================\n");
285 printf("= ECDSA Import Test =\n");
286 printf("=====================\n\n");
287
288 printf("=== Importing ECDSA keypair === \n");
289 keymaster_key_blob_t key;
290 keymaster_blob_t private_key = {ec_privkey_pk8_der, ec_privkey_pk8_der_len};
291 int error = device->import_key(&ec_param_set, KM_KEY_FORMAT_PKCS8, &private_key, &key, nullptr);
292 if (error != KM_ERROR_OK) {
293 printf("Error importing ECDSA key: %d\n\n", error);
294 return false;
295 }
296 std::unique_ptr<const uint8_t[]> deleter(key.key_material);
297
298 printf("=== Signing with imported ECDSA key ===\n");
299 size_t message_len = 30 /* arbitrary */;
300 std::unique_ptr<uint8_t[]> message(new uint8_t[message_len]);
301 memset(message.get(), 'a', message_len);
302 keymaster_blob_t input = {message.get(), message_len}, signature;
303
304 if (!do_operation(device, KM_PURPOSE_SIGN, &key, &input, nullptr, &signature)) {
305 printf("Error signing data with imported ECDSA key\n\n");
306 return false;
307 }
308 std::unique_ptr<const uint8_t[]> signature_deleter(signature.data);
309
310 printf("=== Verifying with imported ECDSA key === \n");
311 if (!do_operation(device, KM_PURPOSE_VERIFY, &key, &input, &signature, nullptr)) {
312 printf("Error verifying data with imported ECDSA key\n\n");
313 return false;
314 }
315
316 printf("\n");
317 return true;
318 }
319
test_ecdsa(TrustyKeymasterDevice * device)320 static bool test_ecdsa(TrustyKeymasterDevice* device) {
321 printf("==============\n");
322 printf("= ECDSA Test =\n");
323 printf("==============\n\n");
324
325 printf("=== Generating ECDSA key pair ===\n");
326 keymaster_key_blob_t key;
327 int error = device->generate_key(&ec_param_set, &key, nullptr);
328 if (error != KM_ERROR_OK) {
329 printf("Error generating ECDSA key pair: %d\n\n", error);
330 return false;
331 }
332 std::unique_ptr<const uint8_t[]> key_deleter(key.key_material);
333
334 printf("=== Signing with ECDSA key === \n");
335 size_t message_len = 30 /* arbitrary */;
336 std::unique_ptr<uint8_t[]> message(new uint8_t[message_len]);
337 memset(message.get(), 'a', message_len);
338 keymaster_blob_t input = {message.get(), message_len}, signature;
339
340 if (!do_operation(device, KM_PURPOSE_SIGN, &key, &input, nullptr, &signature)) {
341 printf("Error signing data with ECDSA key\n\n");
342 return false;
343 }
344 std::unique_ptr<const uint8_t[]> signature_deleter(signature.data);
345
346 printf("=== Verifying with ECDSA key === \n");
347 if (!do_operation(device, KM_PURPOSE_VERIFY, &key, &input, &signature, nullptr)) {
348 printf("Error verifying data with ECDSA key\n\n");
349 return false;
350 }
351
352 printf("=== Exporting ECDSA public key ===\n");
353 keymaster_blob_t exported_key;
354 error = device->export_key(KM_KEY_FORMAT_X509, &key, nullptr, nullptr, &exported_key);
355 if (error != KM_ERROR_OK) {
356 printf("Error exporting ECDSA public key: %d\n\n", error);
357 return false;
358 }
359
360 printf("=== Verifying with exported key ===\n");
361 const uint8_t* tmp = exported_key.data;
362 std::unique_ptr<EVP_PKEY, EVP_PKEY_Delete> pkey(
363 d2i_PUBKEY(NULL, &tmp, exported_key.data_length));
364 std::unique_ptr<EVP_PKEY_CTX, EVP_PKEY_CTX_Delete> ctx(EVP_PKEY_CTX_new(pkey.get(), NULL));
365 if (EVP_PKEY_verify_init(ctx.get()) != 1) {
366 printf("Error initializing openssl EVP context\n\n");
367 return false;
368 }
369 if (EVP_PKEY_type(pkey->type) != EVP_PKEY_EC) {
370 printf("Exported key was the wrong type?!?\n\n");
371 return false;
372 }
373
374 if (EVP_PKEY_verify(ctx.get(), signature.data, signature.data_length, message.get(),
375 message_len) != 1) {
376 printf("Verification with exported pubkey failed.\n\n");
377 return false;
378 } else {
379 printf("Verification succeeded\n");
380 }
381
382 printf("\n");
383 return true;
384 }
385
main(void)386 int main(void) {
387 TrustyKeymasterDevice device(NULL);
388 keymaster::ConfigureDevice(reinterpret_cast<keymaster2_device_t*>(&device));
389 if (device.session_error() != KM_ERROR_OK) {
390 printf("Failed to initialize Trusty session: %d\n", device.session_error());
391 return 1;
392 }
393 printf("Trusty session initialized\n");
394
395 bool success = true;
396 success &= test_rsa(&device);
397 success &= test_import_rsa(&device);
398 success &= test_ecdsa(&device);
399 success &= test_import_ecdsa(&device);
400
401 if (success) {
402 printf("\nTESTS PASSED!\n");
403 } else {
404 printf("\n!!!!TESTS FAILED!!!\n");
405 }
406
407 return success ? 0 : 1;
408 }
409