• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2021 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #include <stdint.h>
18 #include <stdlib.h>
19 #include <trusty_unittest.h>
20 
21 #include <endian.h>
22 #include <trusty/time.h>
23 #include <trusty_unittest.h>
24 
25 #include <dice/cbor_reader.h>
26 
27 #include <lib/keymaster/keymaster.h>
28 #include <uapi/err.h>
29 
30 #define TLOG_TAG "keymaster-test"
31 
32 typedef struct fixture {
33     int km_handle;
34 } keymaster_t;
35 
TEST_F_SETUP(keymaster)36 TEST_F_SETUP(keymaster) {
37     _state->km_handle = keymaster_open();
38 }
39 
TEST_F_TEARDOWN(keymaster)40 TEST_F_TEARDOWN(keymaster) {
41     keymaster_close(_state->km_handle);
42 }
43 
TEST(keymaster,open_handle)44 TEST(keymaster, open_handle) {
45     int km_handle = keymaster_open();
46     ASSERT_GE(km_handle, 0);
47 test_abort:
48     keymaster_close(km_handle);
49 }
50 
TEST_F(keymaster,get_key)51 TEST_F(keymaster, get_key) {
52     uint8_t* key_buf = NULL;
53     uint32_t key_buf_size;
54 
55     int ret = keymaster_get_auth_token_key(_state->km_handle, &key_buf,
56                                            &key_buf_size);
57     ASSERT_EQ(ret, NO_ERROR);
58     ASSERT_NE(key_buf, NULL);
59     ASSERT_EQ(key_buf_size, sizeof(((hw_auth_token_t*)0)->hmac));
60 
61 test_abort:
62     free(key_buf);
63 }
64 
TEST_F(keymaster,get_ids)65 TEST_F(keymaster, get_ids) {
66     uint8_t* id_buf = NULL;
67     uint32_t id_buf_size;
68 
69     int ret =
70             keymaster_get_device_info(_state->km_handle, &id_buf, &id_buf_size);
71     ASSERT_EQ(ret, NO_ERROR);
72     ASSERT_NE(id_buf, NULL);
73     ASSERT_GT(id_buf_size, 0);
74 
75     struct CborIn in;
76     CborInInit(id_buf, id_buf_size, &in);
77     size_t val;
78     ASSERT_EQ(CBOR_READ_RESULT_OK, CborReadMap(&in, &val));
79     // Assert that there is at least one pair. Further verification
80     // is hard to do due to lack of device IDs on the QEMU test platform.
81     ASSERT_GT(val, 0);
82 
83 test_abort:
84     free(id_buf);
85 }
86 
calculate_checksum(void * bytes,size_t len)87 static uint64_t calculate_checksum(void* bytes, size_t len) {
88     uint64_t checksum = 0;
89     for (size_t i = 0; i < len; i += sizeof(checksum)) {
90         uint64_t tmp;
91         /* Copy word to satisfy alignment requirements */
92         memcpy(&tmp, bytes + i, sizeof(tmp));
93         checksum ^= tmp;
94     }
95     return checksum;
96 }
97 
TEST_F(keymaster,sign_and_auth_token)98 TEST_F(keymaster, sign_and_auth_token) {
99     int64_t secure_time_ns = 0;
100 
101     int ret = trusty_gettime(0, &secure_time_ns);
102     ASSERT_EQ(ret, NO_ERROR);
103 
104     hw_auth_token_t token = {0,
105                              0xdeadbeef,
106                              0xdeadbeef,
107                              0,
108                              HW_AUTH_NONE,
109                              htobe64(secure_time_ns),
110                              {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
111                               0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}};
112     uint64_t checksum = calculate_checksum(token.hmac, sizeof(token.hmac));
113     ASSERT_EQ(checksum, 0);
114 
115     ret = keymaster_sign_auth_token(_state->km_handle, &token);
116     ASSERT_EQ(ret, NO_ERROR);
117 
118     /* Add all the bytes into a checksum to see if this was actually set. In
119        reality, this might collide with zero rarely, but only for 1/2^64
120        possible hmacs. If this test fails due to collision maybe buy a
121        lottery ticket. */
122     checksum = calculate_checksum(token.hmac, sizeof(token.hmac));
123     ASSERT_NE((uint64_t)checksum, (uint64_t)0);
124 
125     ret = keymaster_validate_auth_token(_state->km_handle, &token);
126     ASSERT_EQ(ret, NO_ERROR);
127 
128     /* set the time again, so we get a different hmac */
129     ret = trusty_gettime(0, &secure_time_ns);
130     ASSERT_EQ(ret, NO_ERROR);
131 
132     hw_auth_token_t token2 = {0,
133                               0xdeadbeef,
134                               0xdeadbeef,
135                               0,
136                               HW_AUTH_NONE,
137                               htobe64(secure_time_ns),
138                               {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
139                                0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}};
140 
141     ret = keymaster_sign_auth_token(_state->km_handle, &token2);
142 
143     uint64_t checksum2 = calculate_checksum(token2.hmac, sizeof(token2.hmac));
144     ASSERT_NE(checksum2, checksum);
145 
146     ret = keymaster_validate_auth_token(_state->km_handle, &token2);
147     ASSERT_EQ(ret, NO_ERROR);
148 test_abort:;
149 }
150 
151 PORT_TEST(keymaster, "com.android.trusty.keymaster.secure.test")
152