1 /*
2 * Copyright 2016 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <fstream>
18
19 #include <cppbor_parse.h>
20 #include <gtest/gtest.h>
21
22 #include <keymaster/contexts/soft_attestation_context.h>
23 #include <keymaster/keymaster_context.h>
24 #include <keymaster/km_openssl/attestation_record.h>
25
26 #include "android_keymaster_test_utils.h"
27
28 // Use TAG_KDF as an 'unknown tag', as it is not deliberately thrown out
29 // in attestation_record.cpp, but still among the keymaster tag types.
30 #define UNKNOWN_TAG static_cast<keymaster_tag_t>(KM_ULONG_REP | 50)
31 #define UNKNOWN_TAG_VALUE 0
32
33 namespace keymaster {
34 namespace test {
35
36 TypedTag<KM_ULONG_REP, UNKNOWN_TAG> UNKNOWN_TAG_T;
37
38 class TestContext : public SoftAttestationContext {
39 public:
TestContext(KmVersion version)40 TestContext(KmVersion version) : SoftAttestationContext(version) {}
41
GetSecurityLevel() const42 keymaster_security_level_t GetSecurityLevel() const override {
43 return KM_SECURITY_LEVEL_TRUSTED_ENVIRONMENT;
44 }
GenerateUniqueId(uint64_t,const keymaster_blob_t & application_id,bool,keymaster_error_t * error) const45 Buffer GenerateUniqueId(uint64_t /* creation_date_time */,
46 const keymaster_blob_t& application_id, bool /* reset_since_rotation */,
47 keymaster_error_t* error) const override {
48 // Use the application ID directly as the unique ID.
49 *error = KM_ERROR_OK;
50 return {application_id.data, application_id.data_length};
51 }
GetVerifiedBootParams(keymaster_error_t * error) const52 const VerifiedBootParams* GetVerifiedBootParams(keymaster_error_t* error) const override {
53 static VerifiedBootParams params{};
54 params.verified_boot_key = {vboot_key_, sizeof(vboot_key_)};
55 params.verified_boot_state = KM_VERIFIED_BOOT_VERIFIED;
56 params.device_locked = true;
57 *error = KM_ERROR_OK;
58 return ¶ms;
59 }
60
VerifyRootOfTrust(const keymaster_blob_t & verified_boot_key,keymaster_verified_boot_t verified_boot_state,bool device_locked)61 void VerifyRootOfTrust(const keymaster_blob_t& verified_boot_key,
62 keymaster_verified_boot_t verified_boot_state, bool device_locked) {
63 EXPECT_EQ(sizeof(vboot_key_), verified_boot_key.data_length);
64 if (sizeof(vboot_key_) == verified_boot_key.data_length) {
65 EXPECT_EQ(0, memcmp(verified_boot_key.data, vboot_key_, sizeof(vboot_key_)));
66 }
67 EXPECT_TRUE(device_locked);
68 EXPECT_EQ(KM_VERIFIED_BOOT_VERIFIED, verified_boot_state);
69 }
70
71 private:
72 uint8_t vboot_key_[32]{"test_vboot_key"};
73 };
74
75 class KeymintTestContext : public TestContext {
76 public:
KeymintTestContext()77 KeymintTestContext() : TestContext(KmVersion::KEYMINT_1) {}
78 };
79
80 class KeymasterTestContext : public TestContext {
81 public:
KeymasterTestContext()82 KeymasterTestContext() : TestContext(KmVersion::KEYMASTER_4_1) {} // Last Keymaster version
83 };
84
TEST(AttestAsn1Test,Simple)85 TEST(AttestAsn1Test, Simple) {
86 const char* fake_app_id = "fake_app_id";
87 const char* fake_app_data = "fake_app_data";
88 const char* fake_challenge = "fake_challenge";
89 const char* fake_attest_app_id = "fake_attest_app_id";
90 KeymasterTestContext context;
91 AuthorizationSet hw_set(AuthorizationSetBuilder()
92 .RsaSigningKey(512, 3)
93 .Digest(KM_DIGEST_SHA_2_256)
94 .Digest(KM_DIGEST_SHA_2_384)
95 .Authorization(TAG_OS_VERSION, 60000)
96 .Authorization(TAG_OS_PATCHLEVEL, 201512));
97 AuthorizationSet sw_set(
98 AuthorizationSetBuilder()
99 .Authorization(TAG_ACTIVE_DATETIME, 10)
100 .Authorization(TAG_CREATION_DATETIME, 10)
101 .Authorization(TAG_APPLICATION_ID, fake_app_id, strlen(fake_app_id))
102 .Authorization(TAG_APPLICATION_DATA, fake_app_data, strlen(fake_app_data)));
103
104 UniquePtr<uint8_t[]> asn1;
105 size_t asn1_len = 0;
106 AuthorizationSet attest_params(
107 AuthorizationSetBuilder()
108 .Authorization(TAG_INCLUDE_UNIQUE_ID)
109 .Authorization(TAG_ATTESTATION_CHALLENGE, fake_challenge, strlen(fake_challenge))
110 .Authorization(TAG_ATTESTATION_APPLICATION_ID, fake_attest_app_id,
111 strlen(fake_attest_app_id)));
112 ASSERT_EQ(KM_ERROR_OK,
113 build_attestation_record(attest_params, sw_set, hw_set, context, &asn1, &asn1_len));
114 EXPECT_GT(asn1_len, 0U);
115
116 std::ofstream output("attest.der",
117 std::ofstream::out | std::ofstream::binary | std::ofstream::trunc);
118 if (output) output.write(reinterpret_cast<const char*>(asn1.get()), asn1_len);
119 output.close();
120
121 AuthorizationSet parsed_hw_set;
122 AuthorizationSet parsed_sw_set;
123 uint32_t attestation_version;
124 uint32_t keymaster_version;
125 keymaster_security_level_t attestation_security_level;
126 keymaster_security_level_t keymaster_security_level;
127 keymaster_blob_t attestation_challenge = {};
128 keymaster_blob_t unique_id = {};
129 EXPECT_EQ(KM_ERROR_OK,
130 parse_attestation_record(asn1.get(), asn1_len, &attestation_version,
131 &attestation_security_level, &keymaster_version,
132 &keymaster_security_level, &attestation_challenge,
133 &parsed_sw_set, &parsed_hw_set, &unique_id));
134
135 // Check that the challenge is consistent across build and parse.
136 EXPECT_EQ(std::string(fake_challenge),
137 std::string(reinterpret_cast<const char*>(attestation_challenge.data),
138 attestation_challenge.data_length));
139 delete[] attestation_challenge.data;
140
141 // Check that the unique id was populated as expected.
142 EXPECT_EQ(std::string(fake_attest_app_id),
143 std::string(reinterpret_cast<const char*>(unique_id.data), unique_id.data_length));
144 delete[] unique_id.data;
145
146 // The attestation ID is expected to appear in parsed_sw_set.
147 sw_set.push_back(TAG_ATTESTATION_APPLICATION_ID, fake_attest_app_id,
148 strlen(fake_attest_app_id));
149
150 // The TAG_INCLUDE_UNIQUE_ID tag is not expected to appear in parsed_hw_set.
151 hw_set.erase(hw_set.find(TAG_INCLUDE_UNIQUE_ID));
152
153 // Application data is not expected to appear in parsed_sw_set.
154 sw_set.erase(sw_set.find(TAG_APPLICATION_ID));
155 sw_set.erase(sw_set.find(TAG_APPLICATION_DATA));
156
157 // Check that the list of tags is consistent across build and parse.
158 hw_set.Sort();
159 sw_set.Sort();
160 parsed_hw_set.Sort();
161 parsed_sw_set.Sort();
162 EXPECT_EQ(hw_set, parsed_hw_set);
163 EXPECT_EQ(sw_set, parsed_sw_set);
164
165 // Check the root of trust values.
166 keymaster_blob_t verified_boot_key;
167 keymaster_verified_boot_t verified_boot_state;
168 bool device_locked;
169 EXPECT_EQ(KM_ERROR_OK, parse_root_of_trust(asn1.get(), asn1_len, &verified_boot_key,
170 &verified_boot_state, &device_locked));
171 context.VerifyRootOfTrust(verified_boot_key, verified_boot_state, device_locked);
172 delete[] verified_boot_key.data;
173 }
174
TEST(EatTest,Simple)175 TEST(EatTest, Simple) {
176 const char* fake_imei = "490154203237518";
177 const char* fake_app_id = "fake_app_id";
178 const char* fake_app_data = "fake_app_data";
179 const char* fake_challenge = "fake_challenge";
180 const char* fake_attest_app_id = "fake_attest_app_id";
181 KeymintTestContext context;
182 AuthorizationSet hw_set(
183 AuthorizationSetBuilder()
184 .RsaSigningKey(512, 3)
185 .Digest(KM_DIGEST_SHA_2_256)
186 .Digest(KM_DIGEST_SHA_2_384)
187 .Authorization(TAG_OS_VERSION, 60000)
188 .Authorization(TAG_OS_PATCHLEVEL, 201512)
189 .Authorization(TAG_ATTESTATION_ID_IMEI, fake_imei, strlen(fake_imei)));
190 AuthorizationSet sw_set(
191 AuthorizationSetBuilder()
192 .Authorization(TAG_ACTIVE_DATETIME, 10)
193 .Authorization(TAG_CREATION_DATETIME, 10)
194 .Authorization(TAG_APPLICATION_ID, fake_app_id, strlen(fake_app_id))
195 .Authorization(TAG_APPLICATION_DATA, fake_app_data, strlen(fake_app_data)));
196
197 std::vector<uint8_t> eat;
198 AuthorizationSet attest_params(
199 AuthorizationSetBuilder()
200 .Authorization(TAG_INCLUDE_UNIQUE_ID)
201 .Authorization(TAG_ATTESTATION_CHALLENGE, fake_challenge, strlen(fake_challenge))
202 .Authorization(TAG_ATTESTATION_APPLICATION_ID, fake_attest_app_id,
203 strlen(fake_attest_app_id)));
204 ASSERT_EQ(KM_ERROR_OK, build_eat_record(attest_params, sw_set, hw_set, context, &eat));
205 EXPECT_GT(eat.size(), 0U);
206
207 std::ofstream output("eat.der",
208 std::ofstream::out | std::ofstream::binary | std::ofstream::trunc);
209 if (output) output.write(reinterpret_cast<const char*>(&eat[0]), eat.size() * sizeof(uint8_t));
210 output.close();
211
212 AuthorizationSet parsed_hw_set;
213 AuthorizationSet parsed_sw_set;
214 uint32_t attestation_version;
215 uint32_t keymaster_version;
216 keymaster_security_level_t attestation_security_level;
217 keymaster_security_level_t keymaster_security_level;
218 keymaster_blob_t attestation_challenge = {};
219 keymaster_blob_t unique_id = {};
220 keymaster_blob_t verified_boot_key = {};
221 keymaster_verified_boot_t verified_boot_state;
222 bool device_locked;
223 std::vector<int64_t> unexpected_claims;
224 EXPECT_EQ(KM_ERROR_OK,
225 parse_eat_record(eat.data(), eat.size(), &attestation_version,
226 &attestation_security_level, &keymaster_version,
227 &keymaster_security_level, &attestation_challenge, &parsed_sw_set,
228 &parsed_hw_set, &unique_id, &verified_boot_key, &verified_boot_state,
229 &device_locked, &unexpected_claims));
230
231 // Check that there were no unexpected claims when parsing.
232 EXPECT_EQ(std::vector<int64_t>(), unexpected_claims);
233
234 // Check that the challenge is consistent across build and parse.
235 EXPECT_EQ(std::string(fake_challenge),
236 std::string(reinterpret_cast<const char*>(attestation_challenge.data),
237 attestation_challenge.data_length));
238 delete[] attestation_challenge.data;
239
240 // Check that the unique id was populated as expected.
241 EXPECT_EQ(std::string(fake_attest_app_id),
242 std::string(reinterpret_cast<const char*>(unique_id.data), unique_id.data_length));
243 delete[] unique_id.data;
244
245 // The attestation ID is expected to appear in parsed_sw_set.
246 sw_set.push_back(TAG_ATTESTATION_APPLICATION_ID, fake_attest_app_id,
247 strlen(fake_attest_app_id));
248
249 // The TAG_INCLUDE_UNIQUE_ID tag is not expected to appear in parsed_hw_set.
250 hw_set.erase(hw_set.find(TAG_INCLUDE_UNIQUE_ID));
251
252 // Application data is not expected to appear in parsed_sw_set.
253 sw_set.erase(sw_set.find(TAG_APPLICATION_ID));
254 sw_set.erase(sw_set.find(TAG_APPLICATION_DATA));
255
256 // Check that the list of tags is consistent across build and parse.
257 hw_set.Sort();
258 sw_set.Sort();
259 parsed_hw_set.Sort();
260 parsed_sw_set.Sort();
261 EXPECT_EQ(hw_set, parsed_hw_set);
262 EXPECT_EQ(sw_set, parsed_sw_set);
263
264 // Check the root of trust values.
265 context.VerifyRootOfTrust(verified_boot_key, verified_boot_state, device_locked);
266 delete[] verified_boot_key.data;
267 }
268
TEST(BadImeiTest,Simple)269 TEST(BadImeiTest, Simple) {
270 const char* fake_challenge = "fake_challenge";
271 const char* fake_attest_app_id = "fake_attest_app_id";
272 const char* invalid_imei = "1234567890123456";
273 KeymintTestContext context;
274 AuthorizationSet hw_set(AuthorizationSetBuilder().Authorization(
275 TAG_ATTESTATION_ID_IMEI, invalid_imei, strlen(invalid_imei)));
276 AuthorizationSet attest_params(
277 AuthorizationSetBuilder()
278 .Authorization(TAG_ATTESTATION_CHALLENGE, fake_challenge, strlen(fake_challenge))
279 .Authorization(TAG_ATTESTATION_APPLICATION_ID, fake_attest_app_id,
280 strlen(fake_attest_app_id)));
281 AuthorizationSet sw_set;
282
283 std::vector<uint8_t> eat;
284 ASSERT_EQ(KM_ERROR_INVALID_TAG, build_eat_record(attest_params, sw_set, hw_set, context, &eat));
285 }
286
TEST(MissingAuthChallengeTest,Simple)287 TEST(MissingAuthChallengeTest, Simple) {
288 const char* fake_attest_app_id = "fake_attest_app_id";
289 KeymintTestContext context;
290 AuthorizationSet hw_set(AuthorizationSetBuilder().Authorization(TAG_OS_PATCHLEVEL, 201512));
291 AuthorizationSet attest_params(AuthorizationSetBuilder().Authorization(
292 TAG_ATTESTATION_APPLICATION_ID, fake_attest_app_id, strlen(fake_attest_app_id)));
293 AuthorizationSet sw_set;
294
295 std::vector<uint8_t> eat;
296 ASSERT_EQ(KM_ERROR_ATTESTATION_CHALLENGE_MISSING,
297 build_eat_record(attest_params, sw_set, hw_set, context, &eat));
298 }
299
TEST(UnknownTagTest,Simple)300 TEST(UnknownTagTest, Simple) {
301 const char* fake_challenge = "fake_challenge";
302 const char* fake_attest_app_id = "fake_attest_app_id";
303 KeymintTestContext context;
304 AuthorizationSet unknown_tag_set(
305 AuthorizationSetBuilder().Authorization(UNKNOWN_TAG_T, UNKNOWN_TAG_VALUE));
306
307 // Test adding an unknown tag to both sets. The tag should be retained only in the software
308 // submod.
309 std::vector<uint8_t> eat;
310 AuthorizationSet attest_params(
311 AuthorizationSetBuilder()
312 .Authorization(TAG_ATTESTATION_CHALLENGE, fake_challenge, strlen(fake_challenge))
313 .Authorization(TAG_ATTESTATION_APPLICATION_ID, fake_attest_app_id,
314 strlen(fake_attest_app_id)));
315 ASSERT_EQ(KM_ERROR_OK,
316 build_eat_record(attest_params, unknown_tag_set, unknown_tag_set, context, &eat));
317 EXPECT_GT(eat.size(), 0U);
318
319 AuthorizationSet parsed_hw_set;
320 AuthorizationSet parsed_sw_set;
321 uint32_t attestation_version;
322 uint32_t keymaster_version;
323 keymaster_security_level_t attestation_security_level;
324 keymaster_security_level_t keymaster_security_level;
325 keymaster_blob_t attestation_challenge = {};
326 keymaster_blob_t unique_id = {};
327 keymaster_blob_t verified_boot_key = {};
328 keymaster_verified_boot_t verified_boot_state;
329 bool device_locked;
330 std::vector<int64_t> unexpected_claims;
331 // Parsing should fail, because the software submod retains the unknown tag.
332 EXPECT_EQ(KM_ERROR_INVALID_TAG,
333 parse_eat_record(eat.data(), eat.size(), &attestation_version,
334 &attestation_security_level, &keymaster_version,
335 &keymaster_security_level, &attestation_challenge, &parsed_sw_set,
336 &parsed_hw_set, &unique_id, &verified_boot_key, &verified_boot_state,
337 &device_locked, &unexpected_claims));
338
339 // Perform a manual inspection of the EAT token, checking that the tag is retained in the
340 // software submod, but not in the hardware submod.
341 auto [top_level_item, next_pos, error] = cppbor::parse(eat.data(), eat.size());
342 ASSERT_NE(top_level_item, nullptr);
343 const cppbor::Map* eat_map = top_level_item->asMap();
344 ASSERT_NE(eat_map, nullptr);
345 bool found_in_software_submod = false;
346 bool found_in_hardware_submod = false;
347 for (size_t i = 0; i < eat_map->size(); i++) {
348 auto& [eat_key, eat_value] = (*eat_map)[i];
349 const cppbor::Int* root_key = eat_key->asInt();
350 if ((EatClaim)root_key->value() == EatClaim::SUBMODS) {
351 const cppbor::Map* submods_map = eat_value->asMap();
352 // Check for each submod whether it contains the expected value.
353 for (size_t j = 0; j < submods_map->size(); j++) {
354 auto& [submod_key, submod_value] = (*submods_map)[j];
355 const cppbor::Map* submod_map = submod_value->asMap();
356 bool found_in_submod = false;
357 EatSecurityLevel submod_security_level;
358 for (size_t k = 0; k < submod_map->size(); k++) {
359 auto& [key_item, value_item] = (*submod_map)[k];
360 const cppbor::Int* key_int = key_item->asInt();
361 if (key_int->value() == convert_to_eat_claim(UNKNOWN_TAG_T)) {
362 found_in_submod = true;
363 } else if ((EatClaim)key_int->value() == EatClaim::SECURITY_LEVEL) {
364 submod_security_level = (EatSecurityLevel)value_item->asInt()->value();
365 }
366 }
367 if (submod_security_level == EatSecurityLevel::UNRESTRICTED) {
368 found_in_software_submod = found_in_submod;
369 } else if (submod_security_level == EatSecurityLevel::SECURE_RESTRICTED) {
370 found_in_hardware_submod = found_in_submod;
371 }
372 }
373 }
374 }
375 EXPECT_FALSE(found_in_hardware_submod);
376 EXPECT_TRUE(found_in_software_submod);
377 }
378
379 } // namespace test
380 } // namespace keymaster
381