• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 use super::*;
2 use crate::expect_err;
3 use crate::tag::legacy::{consume_u32, consume_u64, consume_u8, consume_vec};
4 use alloc::vec;
5 
6 #[test]
test_consume_u8()7 fn test_consume_u8() {
8     let buffer = vec![1, 2];
9     let mut data = &buffer[..];
10     assert_eq!(1u8, consume_u8(&mut data).unwrap());
11     assert_eq!(2u8, consume_u8(&mut data).unwrap());
12     let result = consume_u8(&mut data);
13     expect_err!(result, "failed to find 1 byte");
14 }
15 
16 #[test]
test_consume_u32()17 fn test_consume_u32() {
18     let buffer = vec![
19         0x01, 0x02, 0x03, 0x04, //
20         0x04, 0x03, 0x02, 0x01, //
21         0x11, 0x12, 0x13,
22     ];
23     let mut data = &buffer[..];
24     assert_eq!(0x04030201u32, consume_u32(&mut data).unwrap());
25     assert_eq!(0x01020304u32, consume_u32(&mut data).unwrap());
26     let result = consume_u32(&mut data);
27     expect_err!(result, "failed to find 4 bytes");
28 }
29 
30 #[test]
test_consume_u64()31 fn test_consume_u64() {
32     let buffer = vec![
33         0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, //
34         0x08, 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, //
35         0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
36     ];
37     let mut data = &buffer[..];
38     assert_eq!(0x0807060504030201u64, consume_u64(&mut data).unwrap());
39     assert_eq!(0x0102030405060708u64, consume_u64(&mut data).unwrap());
40     let result = consume_u64(&mut data);
41     expect_err!(result, "failed to find 8 bytes");
42 }
43 
44 #[test]
test_consume_vec()45 fn test_consume_vec() {
46     let buffer = vec![
47         0x01, 0x00, 0x00, 0x00, 0xaa, //
48         0x00, 0x00, 0x00, 0x00, //
49         0x01, 0x00, 0x00, 0x00, 0xbb, //
50         0x07, 0x00, 0x00, 0x00, 0xbb, // not enough data
51     ];
52     let mut data = &buffer[..];
53     assert_eq!(vec![0xaa], consume_vec(&mut data).unwrap());
54     assert_eq!(Vec::<u8>::new(), consume_vec(&mut data).unwrap());
55     assert_eq!(vec![0xbb], consume_vec(&mut data).unwrap());
56     let result = consume_vec(&mut data);
57     expect_err!(result, "failed to find 7 bytes");
58 
59     let buffer = vec![
60         0x01, 0x00, 0x00, //
61     ];
62     let mut data = &buffer[..];
63     let result = consume_vec(&mut data);
64     expect_err!(result, "failed to find 4 bytes");
65 }
66 
67 #[test]
test_serialize_encrypted_keyblob()68 fn test_serialize_encrypted_keyblob() {
69     let tests = vec![
70         (
71             concat!(
72                 "00", // format
73                 "01000000",
74                 "aa", // nonce
75                 "02000000",
76                 "bbbb", // ciphertext
77                 "01000000",
78                 "cc", // tag
79                 concat!(
80                     "00000000", // no blob data
81                     "00000000", // no params
82                     "00000000", // zero size of params
83                 ),
84                 concat!(
85                     "00000000", // no blob data
86                     "00000000", // no params
87                     "00000000", // zero size of params
88                 ),
89             ),
90             EncryptedKeyBlob {
91                 format: AuthEncryptedBlobFormat::AesOcb,
92                 nonce: vec![0xaa],
93                 ciphertext: vec![0xbb, 0xbb],
94                 tag: vec![0xcc],
95                 kdf_version: None,
96                 addl_info: None,
97                 hw_enforced: vec![],
98                 sw_enforced: vec![],
99                 key_slot: None,
100             },
101         ),
102         (
103             concat!(
104                 "01", // format
105                 "01000000",
106                 "aa", // nonce
107                 "02000000",
108                 "bbbb", // ciphertext
109                 "01000000",
110                 "cc", // tag
111                 concat!(
112                     "00000000", // no blob data
113                     "00000000", // no params
114                     "00000000", // zero size of params
115                 ),
116                 concat!(
117                     "00000000", // no blob data
118                     "00000000", // no params
119                     "00000000", // zero size of params
120                 ),
121                 "06000000",
122             ),
123             EncryptedKeyBlob {
124                 format: AuthEncryptedBlobFormat::AesGcmWithSwEnforced,
125                 nonce: vec![0xaa],
126                 ciphertext: vec![0xbb, 0xbb],
127                 tag: vec![0xcc],
128                 kdf_version: None,
129                 addl_info: None,
130                 hw_enforced: vec![],
131                 sw_enforced: vec![],
132                 key_slot: Some(6),
133             },
134         ),
135         (
136             concat!(
137                 "03", // format
138                 "01000000",
139                 "aa", // nonce
140                 "02000000",
141                 "bbbb", // ciphertext
142                 "01000000",
143                 "cc",       // tag
144                 "01010101", // kdf_version
145                 "04040404", // addl_info
146                 concat!(
147                     "00000000", // no blob data
148                     "00000000", // no params
149                     "00000000", // zero size of params
150                 ),
151                 concat!(
152                     "00000000", // no blob data
153                     "00000000", // no params
154                     "00000000", // zero size of params
155                 ),
156                 "06000000",
157             ),
158             EncryptedKeyBlob {
159                 format: AuthEncryptedBlobFormat::AesGcmWithSwEnforcedVersioned,
160                 nonce: vec![0xaa],
161                 ciphertext: vec![0xbb, 0xbb],
162                 tag: vec![0xcc],
163                 kdf_version: Some(0x01010101),
164                 addl_info: Some(0x04040404),
165                 hw_enforced: vec![],
166                 sw_enforced: vec![],
167                 key_slot: Some(6),
168             },
169         ),
170     ];
171     for (hex_data, want) in tests {
172         let data = hex::decode(hex_data).unwrap();
173         let got = EncryptedKeyBlob::deserialize(&data).unwrap();
174         assert_eq!(got, want);
175         let new_data = got.serialize().unwrap();
176         assert_eq!(new_data, data);
177     }
178 }
179 
180 #[test]
test_deserialize_encrypted_keyblob_fail()181 fn test_deserialize_encrypted_keyblob_fail() {
182     let tests = vec![
183         (
184             concat!(
185                 "09", // format (invalid)
186                 "01000000",
187                 "aa", // nonce
188                 "02000000",
189                 "bbbb", // ciphertext
190                 "01000000",
191                 "cc", // tag
192                 concat!(
193                     "00000000", // no blob data
194                     "00000000", // no params
195                     "00000000", // zero size of params
196                 ),
197                 concat!(
198                     "00000000", // no blob data
199                     "00000000", // no params
200                     "00000000", // zero size of params
201                 ),
202             ),
203             "unexpected blob format 9",
204         ),
205         (
206             concat!(
207                 "02", // format
208                 "01000000",
209                 "aa", // nonce
210                 "02000000",
211                 "bbbb", // ciphertext
212                 "01000000",
213                 "cc", // tag
214                 concat!(
215                     "00000000", // no blob data
216                     "00000000", // no params
217                     "00000000", // zero size of params
218                 ),
219                 concat!(
220                     "00000000", // no blob data
221                     "00000000", // no params
222                     "00000000", // zero size of params
223                 ),
224                 "060000",
225             ),
226             "unexpected remaining length 3",
227         ),
228     ];
229     for (hex_data, msg) in tests {
230         let data = hex::decode(hex_data).unwrap();
231         let result = EncryptedKeyBlob::deserialize(&data);
232         expect_err!(result, msg);
233     }
234 }
235 
236 #[test]
test_deserialize_encrypted_keyblob_truncated()237 fn test_deserialize_encrypted_keyblob_truncated() {
238     let data = hex::decode(concat!(
239         "00", // format
240         "01000000",
241         "aa", // nonce
242         "02000000",
243         "bbbb", // ciphertext
244         "01000000",
245         "cc", // tag
246         concat!(
247             "00000000", // no blob data
248             "00000000", // no params
249             "00000000", // zero size of params
250         ),
251         concat!(
252             "00000000", // no blob data
253             "00000000", // no params
254             "00000000", // zero size of params
255         ),
256     ))
257     .unwrap();
258     assert!(EncryptedKeyBlob::deserialize(&data).is_ok());
259     for len in 0..data.len() - 1 {
260         // Any truncation of this data is invalid.
261         assert!(
262             EncryptedKeyBlob::deserialize(&data[..len]).is_err(),
263             "deserialize of data[..{}] subset (len={}) unexpectedly succeeded",
264             len,
265             data.len()
266         );
267     }
268 }
269